CVE-2002-1169
CVSS 5.0
Published: 2002-11-04 00:00:00
Last revised: 2008-09-10 15:14:00

[Original] IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to cause a denial of service (crash) via an HTTP request to helpout.exe with a missing HTTP version number, which causes ibmproxy.exe to crash.


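[CNNVD] IBM WebSphere Edge Server Caching Proxy Remote Denial of Service Vulnerability (CNNVD-200211-001)

IBM WebSphere Edge Server Caching Proxy is a caching proxy system for web servers.
The helpout.exe CGI program in the caching proxy server does not correctly handle incomplete HTTP requests, and a remote attacker can exploit this vulnerability to carry out a denial-of-service attack.
When an attacker submits a request for the /cgi-bin/helpout.exe file to the IBM caching proxy server and the HTTP request does not contain HTTP version information, the service program ibmproxy.exe can crash, resulting in a denial of service.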

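- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interruptions in resource availability]
Access complexity: LOW [no access restrictions for exploitation]
Access vector: [--]
Authentication: NONE [no authentication is required for exploitation]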

- CPE (Affected Platforms and Products)

cpe:/a:ibm:websphere_caching_proxy_server:4.0 IBM WebSphere Caching Proxy Server 4.0
cpe:/a:ibm:websphere_caching_proxy_server:3.6 IBM WebSphere Caching Proxy Server 3.6

- OVAL (Technical Details for Detection)

No related OVAL definitions found

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1169
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1169
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200211-001
(Official data source) CNNVD

- Other Links and Resources

http://www.rapid7.com/advisories/R7-0007.txt
(VENDOR_ADVISORY)  MISC  http://www.rapid7.com/advisories/R7-0007.txt
http://www.iss.net/security_center/static/10452.php
(VENDOR_ADVISORY)  XF  ibm-wte-helpout-dos(10452)
http://www.securityfocus.com/bid/6002
(UNKNOWN)  BID  6002
http://www.osvdb.org/2090
(UNKNOWN)  OSVDB  2090
http://www-1.ibm.com/support/search.wss?rs=0&q=IY35970&apar=only
(UNKNOWN)  AIXAPAR  IY35970

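- Vulnerability Information

IBM WebSphere Edge Server Caching Proxy Remote Denial of Service Vulnerability
Medium severity, Input validation
2002-11-04 00:00:00 2005-05-13 00:00:00
Remote

IBM WebSphere Edge Server Caching Proxy is a caching proxy system for web servers.
The helpout.exe CGI program in the caching proxy server does not correctly handle incomplete HTTP requests, and a remote attacker can exploit this vulnerability to carry out a denial-of-service attack.
When an attacker submits a request for the /cgi-bin/helpout.exe file to the IBM caching proxy server and the HTTP request does not contain HTTP version information, the service program ibmproxy.exe can crash, resulting in a denial of service.

- Advisories and Patches

Workaround:
If you cannot install the patch or upgrade immediately, CNNVD recommends the following measure to reduce the threat:
* Move the /cgi-bin/helpout.exe file to a non-executable directory until the patch is installed.
Vendor patch:
IBM
---
IBM requires installing Caching Proxy efix build 4.0.1.26 or a later patch. The efix is available from IBM's FTP site. Customers can also contact their IBM vendor to obtain the patch.

http://www.ers.ibm.com/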

- Vulnerability Information (21949)

IBM Websphere Caching Proxy 3.6/4.0 Denial Of Service Vulnerability (EDBID:21949)
unix dos
2002-10-18 Verified
0 Rapid7
source: http://www.securityfocus.com/bid/6002/info

A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers.

An attacker can exploit this vulnerability by sending a malformed HTTP request to the Caching Proxy. When the service attempts to process the request, it crashes, causing a denial of service.

GET /cgi-bin/helpout.exe HTTP 		

- Vulnerability Information

2090
IBM WebSphere Caching Proxy DoS
Denial of Service
Loss of Availability

- Vulnerability Description

IBM Web Traffic Express (WTE) is a Web caching proxy server that is included as a component in the WebSphere Edge Server. IBM Web Traffic Express versions 4.x (included with IBM WebSphere Edge Server version 2.0) and 3.6 are vulnerable to a denial of service attack. If a remote attacker sends a specially-crafted HTTP request to the /cgi-bin/helpout.exe script, the attacker would cause the proxy server (ibmproxy.exe) to crash.

- Timeline

2002-10-23 Unknown
Unknown Unknown

- Solution

A suggested workaround is to move the '/cgi-bin/helpout.exe' file to a non-executable directory until a fix has been applied. Users are advised to install Caching Proxy efix build 4.0.1.26. Users of Caching Proxy Server 3.6 are advised to contact their vendor for information about obtaining fixes.
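
As an added example (not part of the original advisories), a defensive check that a front-end filter or log review could apply while the efix is pending: it flags request lines whose HTTP-version token is missing or malformed and calls out those aimed at /cgi-bin/helpout.exe. The function names, the case-insensitive path comparison and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# HTTP/1.x version token, e.g. "HTTP/1.0" or "HTTP/1.1".
VERSION_RE = re.compile(r"HTTP/\d+\.\d+")
# CGI path named in the advisories on this page.
AFFECTED_PATH = "/cgi-bin/helpout.exe"


def classify_request_line(line):
    """Return 'ok', 'malformed' or 'malformed-helpout' for one request line."""
    parts = line.strip().split()
    target = parts[1] if len(parts) >= 2 else ""
    # A proxy may see absolute URIs; urlsplit also drops any query string.
    # Comparing case-insensitively is an assumption, not vendor guidance.
    path = urlsplit(target).path.lower()
    version_ok = len(parts) == 3 and VERSION_RE.fullmatch(parts[2]) is not None
    if version_ok:
        return "ok"
    if path == AFFECTED_PATH:
        return "malformed-helpout"
    return "malformed"


def scan(lines):
    """Return (line_number, verdict, line) for every line that is not 'ok'."""
    findings = []
    for number, line in enumerate(lines, 1):
        verdict = classify_request_line(line)
        if verdict != "ok":
            findings.append((number, verdict, line))
    return findings


# Constructed sample request lines (not captured traffic).
SAMPLE = [
    "GET /index.html HTTP/1.0",
    "GET /cgi-bin/helpout.exe HTTP/1.1",
    "GET /cgi-bin/helpout.exe HTTP",
    "GET /cgi-bin/helpout.exe",
    "HEAD /images/logo.gif HTTP/",
]

if __name__ == "__main__":
    for number, verdict, line in scan(SAMPLE):
        print(f"line {number}: {verdict}: {line!r}")
```
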

- Related References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

IBM Websphere Caching Proxy Denial Of Service Vulnerability
Input Validation Error 6002
Yes No
2002-10-18 12:00:00 2009-07-11 06:06:00
Discovery of this vulnerability credited to Joe Testa of Rapid 7.

- Affected Software Versions

IBM WebSphere Caching Proxy Server 4.0
+ IBM WebSphere Edge Server 2.0
IBM WebSphere Caching Proxy Server 3.6

- Vulnerability Discussion

A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers.

An attacker can exploit this vulnerability by sending a malformed HTTP request to the Caching Proxy. When the service attempts to process the request, it crashes, causing a denial of service.

- Exploit

The following proof of concept was provided:

GET /cgi-bin/helpout.exe HTTP

- Solution

Users are advised to install Caching Proxy efix build 4.0.1.26. Users of Caching Proxy Server 3.6 are advised to contact their vendor for information about obtaining fixes.


IBM WebSphere Caching Proxy Server 4.0
  • IBM IY35970

- Related References
