CVE-2002-1251
CVSS10.0
发布时间 :2002-11-12 00:00:00
修订时间 :2008-09-05 16:30:08
NMCOS    

[原文]Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.


[CNNVD]Michael Krax log2mail远程缓冲区溢出漏洞(CNNVD-200211-018)

        
        log2mail是一款用于监视日志文件,能通过邮件发送日志与模型匹配的工具。
        log2mail守护程序对畸形日志处理不正确,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以root用户权限在系统上执行任意指令。
        log2mail守护程序在系统启动阶段运行,而且一般以root用户权限运行,攻击者可以提交特殊的(远程)日志消息,可导致堆栈中静态缓冲区溢出,精心提交日志消息数据可能以root用户权限在系统上执行任意指令。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1251
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1251
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200211-018
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2002/dsa-186
(VENDOR_ADVISORY)  DEBIAN  DSA-186
http://www.iss.net/security_center/static/10527.php
(VENDOR_ADVISORY)  XF  log2mail-log-file-bo(10527)
http://www.securityfocus.com/bid/6089
(UNKNOWN)  BID  6089

- 漏洞信息

Michael Krax log2mail远程缓冲区溢出漏洞
危急 边界条件错误
2002-11-12 00:00:00 2005-05-13 00:00:00
远程  
        
        log2mail是一款用于监视日志文件,能通过邮件发送日志与模型匹配的工具。
        log2mail守护程序对畸形日志处理不正确,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以root用户权限在系统上执行任意指令。
        log2mail守护程序在系统启动阶段运行,而且一般以root用户权限运行,攻击者可以提交特殊的(远程)日志消息,可导致堆栈中静态缓冲区溢出,精心提交日志消息数据可能以root用户权限在系统上执行任意指令。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        Debian已经为此发布了一个安全公告(DSA-186-1)以及相应补丁:
        DSA-186-1:New log2mail packages fix several vulnerabilities
        链接:
        http://www.debian.org/security/2002/dsa-186

        补丁下载:
        Source archives:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1.dsc

        Size/MD5 checksum: 483 8e995f49a3dd170b6c736aec46f9b8ca
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1.tar.gz

        Size/MD5 checksum: 28992 c87f9e8dedba478f8df8c7e7284891c3
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_alpha.deb

        Size/MD5 checksum: 70210 5be1472a8bd242c1fdb2b7847a3e2901
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_arm.deb

        Size/MD5 checksum: 31340 fe1d7c47b0059389fa9e0005293c5eee
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_i386.deb

        Size/MD5 checksum: 38532 ca7b3f97063ee1de06eb2ec97c3c4f52
        Intel IA-64 architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_ia64.deb

        Size/MD5 checksum: 49148 15761601c3ad47f58bdf033fd68b5b59
        HP Precision architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_hppa.deb

        Size/MD5 checksum: 44656 6e7585d858feaa409f98c24a3f2845dc
        Motorola 680x0 architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_m68k.deb

        Size/MD5 checksum: 38626 e7b51b9ccf6a92a9e449f8b6dbaaf948
        Big endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_mips.deb

        Size/MD5 checksum: 48476 feb5fcd33b64f1dddd05a7a19653629f
        Little endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_mipsel.deb

        Size/MD5 checksum: 47776 614f65fe2efa766732f12c7f364751bb
        PowerPC architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_powerpc.deb

        Size/MD5 checksum: 36960 cd7dec5cb03828f1b68a061fdae8e3bb
        IBM S/390 architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_s390.deb

        Size/MD5 checksum: 37192 6043652b8d87daf781ddb3b6540c591c
        Sun Sparc architecture:
        
        http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_sparc.deb

        Size/MD5 checksum: 34836 e3c4cabc3e534c13d3fc8170384d3757
        补丁安装方法:
        1. 手工安装补丁包:
         首先,使用下面的命令来下载补丁软件:
         # wget url (url是补丁下载链接地址)
         然后,使用下面的命令来安装补丁:
         # dpkg -i file.deb (file是相应的补丁名)
        2. 使用apt-get自动安装补丁包:
         首先,使用下面的命令更新内部数据库:
         # apt-get update
        
         然后,使用下面的命令安装更新软件包:
         # apt-get upgrade

- 漏洞信息

14517
log2mail Log Message Remote Overflow
Remote / Network Access Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-11-01 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Michael Krax log2mail Remote Buffer Overflow Vulnerability
Boundary Condition Error 6089
Yes No
2002-11-01 12:00:00 2009-07-11 06:06:00
Discovery of this vulnerability has been credited to Enrico Zini.

- 受影响的程序版本

log2mail log2mail 0.2.5 .0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
log2mail log2mail 0.2.7
log2mail log2mail 0.2.6
log2mail log2mail 0.2.5 .1

- 不受影响的程序版本

log2mail log2mail 0.2.7
log2mail log2mail 0.2.6
log2mail log2mail 0.2.5 .1

- 漏洞讨论

A remotely exploitable buffer overflow has been discovered in the log2mail daemon. By generating a malicious log entry, it is possible for a remote attacker to overrun a static buffer in log2mail, potentially resulting in the corruption of sensitive memory values.

By exploiting this vulnerability, it may be possible to overwrite sensitive memory variables with attacker-supplied values, resulting in the execution of arbitrary code with the privileges of the daemon.

This vulnerability was reported in log2mail v0.2.5. It is not yet known if this issue affects earlier versions.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Debian has released a security advisory containing fixes.

Fixes:

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站