CVE-2002-1215
CVSS10.0
发布时间 :2002-10-28 00:00:00
修订时间 :2008-09-10 15:14:03
NMCOS    

[原文]Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).


[CNNVD]Linux-HA Heartbeat远程缓冲区溢出漏洞(CNNVD-200210-294)

        
        Heartbeat是一款高可用性(High-Availability)Linux下的系统监视工具。
        Linux-HA heartbeat在处理TCP包时存在问题,远程攻击者可以利用这个漏洞进行远程缓冲区溢出攻击,可能以root用户的权限在系统上执行任意指令。
        如果系统把心跳信号通过Internet网络发送信息的情况下,远程攻击者可以发送特殊构建的TCP包触发缓冲区溢出,精心构建提交数据可能以root用户的权限在系统上执行任意指令。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1215
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1215
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200210-294
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/5955
(VENDOR_ADVISORY)  BID  5955
http://www.debian.org/security/2002/dsa-174
(VENDOR_ADVISORY)  DEBIAN  DSA-174
http://www.novell.com/linux/security/advisories/2002_037_heartbeat.html
(UNKNOWN)  SUSE  SuSE-SA:2002:037
http://www.iss.net/security_center/static/10357.php
(VENDOR_ADVISORY)  XF  linuxha-heartbeat-bo(10357)
http://linux-ha.org/security/sec01.txt
(UNKNOWN)  CONFIRM  http://linux-ha.org/security/sec01.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000540
(UNKNOWN)  CONECTIVA  CLA-2002:540

- 漏洞信息

Linux-HA Heartbeat远程缓冲区溢出漏洞
危急 边界条件错误
2002-10-28 00:00:00 2005-10-20 00:00:00
远程  
        
        Heartbeat是一款高可用性(High-Availability)Linux下的系统监视工具。
        Linux-HA heartbeat在处理TCP包时存在问题,远程攻击者可以利用这个漏洞进行远程缓冲区溢出攻击,可能以root用户的权限在系统上执行任意指令。
        如果系统把心跳信号通过Internet网络发送信息的情况下,远程攻击者可以发送特殊构建的TCP包触发缓冲区溢出,精心构建提交数据可能以root用户的权限在系统上执行任意指令。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        Debian已经为此发布了一个安全公告(DSA-174-1)以及相应补丁:
        DSA-174-1:New heartbeat packages fix buffer overflows
        链接:
        http://www.debian.org/security/2002/dsa-174

        补丁下载:
        Source archives:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2.dsc

        Size/MD5 checksum: 658 4e8837e9eb95922aa5afc247a494db5f
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2.diff.gz

        Size/MD5 checksum: 46755 411725a4fd7aa7eef881cf51ba1a8cfb
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l.orig.tar.gz

        Size/MD5 checksum: 308033 1dcae9e87ad2e5c2113e91a884c1ca8e
        Architecture independent components:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/ldirectord_0.4.9.0l-7.2_all.deb

        Size/MD5 checksum: 33118 27d3073cade1d823e0405755b9b4ebd1
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_alpha.deb

        Size/MD5 checksum: 207742 bad9f314f54f855aca65766778a6c0b6
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_alpha.deb

        Size/MD5 checksum: 15444 461b6552e2ad5ed112bbad3a13e083b7
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_0.4.9.0l-7.2_alpha.deb

        Size/MD5 checksum: 14078 1a03d5c6f3dff85bcd9a20e5b1286c79
        
        http://security.debian.org/pool/updates/main/h/heartbeat/stonith_0.4.9.0l-7.2_alpha.deb

        Size/MD5 checksum: 63892 3a8013ede5a68f62af818bd6f13369ea
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_arm.deb

        Size/MD5 checksum: 193994 b2547bee30b2db32b8fd53943a6a0c1e
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_arm.deb

        Size/MD5 checksum: 15108 1e284480e2ec8e1e45c11d6035847f37
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_0.4.9.0l-7.2_arm.deb

        Size/MD5 checksum: 13430 3424c37fbb757be208ac220636b1a3e6
        
        http://security.debian.org/pool/updates/main/h/heartbeat/stonith_0.4.9.0l-7.2_arm.deb

        Size/MD5 checksum: 53572 9ee34e2dc31d9bb9eb7f430e9c259c3e
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_i386.deb

        Size/MD5 checksum: 185196 b59c131ae306280c722716ac3d54ac37
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_i386.deb

        Size/MD5 checksum: 14786 c5524b1271c4dd6863d16af09b3f5427
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_0.4.9.0l-7.2_i386.deb

        Size/MD5 checksum: 13300 b95830c76892050c2f78e924a4881b6c
        
        http://security.debian.org/pool/updates/main/h/heartbeat/stonith_0.4.9.0l-7.2_i386.deb

        Size/MD5 checksum: 51018 c1b98bd10d698030abde5e608a694762
        Intel IA-64 architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_ia64.deb

        Size/MD5 checksum: 259426 34814d6a05215a9cbd3e5c96420d16dd
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_ia64.deb

        Size/MD5 checksum: 16156 65ff55faefafac7d4283ce57441d7d00
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_0.4.9.0l-7.2_ia64.deb

        Size/MD5 checksum: 15240 ff38757ef93dc3bf1027062c6f3bc06e
        
        http://security.debian.org/pool/updates/main/h/heartbeat/stonith_0.4.9.0l-7.2_ia64.deb

        Size/MD5 checksum: 100186 cc86feab05680b136abd9730a42c49c7
        HP Precision architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_hppa.deb

        Size/MD5 checksum: 195424 bd2d9eae9a1b3dd8fefd11c30520baa7
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_hppa.deb

        Size/MD5 checksum: 15250 93505675caf2cb172abae2219ed0e5eb
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_0.4.9.0l-7.2_hppa.deb

        Size/MD5 checksum: 13620 e6d96de79a3c2963cad57c189ce4efd8
        
        http://security.debian.org/pool/updates/main/h/heartbeat/stonith_0.4.9.0l-7.2_hppa.deb

        Size/MD5 checksum: 55176 d6b01189015ccf70c6cdb9e34dfa3253
        Motorola 680x0 architecture:
        
        http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_0.4.9.0l-7.2_m68k.deb

        Size/MD5 checksum: 187538 c5d11a2c4504d6c828fa34927faa2a4a
        
        http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_0.4.9.0l-7.2_m68k.deb

        Size/MD5 checksum: 14930 9bb0a67c7b56e72a6053e3c4ab175079
        
        http://security.debian.org/pool/updates/main/h/

- 漏洞信息

14512
heartbeat Multiple Unspecified Remote Format Strings
Remote / Network Access, Local / Remote, Context Dependent Input Manipulation
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-10-14 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux-HA Heartbeat Remote Buffer Overflow Vulnerability
Boundary Condition Error 5955
Yes No
2002-10-14 12:00:00 2009-07-11 06:06:00
Discovered by Nathan Wallwork.

- 受影响的程序版本

Linux-HA heartbeat 0.9.4 d
Linux-HA heartbeat 0.4.9 c
Linux-HA heartbeat 0.4.9 b
Linux-HA heartbeat 0.4.9 a
Linux-HA heartbeat 0.4.9 .1
+ Conectiva Linux 8.0
Linux-HA heartbeat 0.4.9
- Debian Linux 3.0 sparc
- Debian Linux 3.0 s/390
- Debian Linux 3.0 ppc
- Debian Linux 3.0 mipsel
- Debian Linux 3.0 mips
- Debian Linux 3.0 m68k
- Debian Linux 3.0 ia-64
- Debian Linux 3.0 ia-32
- Debian Linux 3.0 hppa
- Debian Linux 3.0 arm
- Debian Linux 3.0 alpha
- Debian Linux 3.0
Linux-HA heartbeat 0.9.4

- 不受影响的程序版本

Linux-HA heartbeat 0.9.4

- 漏洞讨论

The Linux-HA heartbeat utility is vulnerable to a remotely exploitable buffer overflow condition. Attackers may exploit the vulnerability to execute arbitrary code. It has been reported that the condition is related to the handling of TCP packets.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

The vulnerability is eliminated in versions 0.4.9.2 and 0.4.9e.

Debian has released patches.

Conectiva has released patches.


Linux-HA heartbeat 0.4.9

Linux-HA heartbeat 0.4.9 a

Linux-HA heartbeat 0.4.9 .1

Linux-HA heartbeat 0.4.9 c

Linux-HA heartbeat 0.4.9 b

Linux-HA heartbeat 0.9.4 d

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站