CVE-2002-1320
CVSS 5.0
Published: 2002-12-11 00:00:00
Revised: 2016-10-17 22:25:53

[Original] Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").


[CNNVD] Pine From: field heap corruption vulnerability (CNNVD-200212-014)

        
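        Pine is an open-source email client.
        Pine does not handle From: field data correctly. A remote attacker can exploit this vulnerability by sending a malicious email that causes heap-based corruption in Pine, crashing the Pine client.
        When Pine encounters a message whose From header field looks like the following: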
        From:
        "\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar
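        Pine crashes with a segmentation fault. An attacker can send a target Pine user a mail message whose From header field is specially constructed yet fully legal and RFC-compliant, causing Pine to core dump at startup. The only remedy is to delete the offending message manually from the spool or with another MUA; otherwise Pine cannot be used to receive mail.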
        

- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Access complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:university_of_washington:pine:4.0.4
cpe:/a:university_of_washington:pine:3.98
cpe:/a:university_of_washington:pine:4.30
cpe:/a:university_of_washington:pine:4.0.2
cpe:/a:university_of_washington:pine:4.10
cpe:/a:university_of_washington:pine:4.21
cpe:/a:university_of_washington:pine:4.33
cpe:/a:university_of_washington:pine:4.44
cpe:/a:university_of_washington:pine:4.20

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1320
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1320
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200212-014
(official data source) CNNVD

- Other links and resources

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551
(UNKNOWN)  CONECTIVA  CLA-2002:551
http://marc.info/?l=bugtraq&m=103668430620531&w=2
(UNKNOWN)  BUGTRAQ  20021107 Remote pine Denial of Service
http://marc.info/?l=bugtraq&m=103884988306241&w=2
(UNKNOWN)  BUGTRAQ  20021202 GLSA: pine
http://www.iss.net/security_center/static/10555.php
(VENDOR_ADVISORY)  XF  pine-from-header-dos(10555)
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php
(UNKNOWN)  MANDRAKE  MDKSA-2002:084
http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html
(UNKNOWN)  ENGARDE  ESA-20021127-032
http://www.novell.com/linux/security/advisories/2002_046_pine.html
(UNKNOWN)  SUSE  SuSE-SA:2002:046
http://www.redhat.com/support/errata/RHSA-2002-270.html
(UNKNOWN)  REDHAT  RHSA-2002:270
http://www.redhat.com/support/errata/RHSA-2002-271.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2002:271
http://www.securityfocus.com/bid/6120
(VENDOR_ADVISORY)  BID  6120

- Vulnerability information

Pine From: field heap corruption vulnerability
Medium severity, boundary condition error
2002-12-11 00:00:00 2005-10-12 00:00:00
Remote
        
        

- Advisories and patches

        Vendor patch:
        University of Washington
        ------------------------
        This vulnerability has been fixed in Pine 4.50:
        
        http://www.washington.edu/pine/

- Vulnerability information (21985)

Pine 4.x From: Field Heap Corruption Vulnerability (EDBID:21985)
linux dos
2002-11-07 Verified
0 lsjoberg
N/A
source: http://www.securityfocus.com/bid/6120/info

A heap corruption may occur when Pine receives an email message containing a particularly crafted "From:" address. Though the address is RFC compliant, Pine reportedly fails to parse it correctly, resulting in a core dump. Execution of arbitrary code may be possible. 

"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar 		

- Vulnerability information

6948
Pine Malformed From: Header DoS
Denial of Service
Loss of Availability

- Vulnerability description

Unknown or Incomplete

- Timeline

2002-11-07 Unknown
2002-11-07 Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Pine From: Field Heap Corruption Vulnerability
Boundary Condition Error 6120
Yes No
2002-11-07 12:00:00 2009-07-11 06:06:00
Discovery is credited to Linus Sjöberg <lsjoberg@aland.net>.

- Affected program versions

University of Washington Pine 4.44
+ EnGarde Secure Linux 1.0.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ Sun Cobalt Qube 3
+ Sun Cobalt RaQ 4
+ Sun Cobalt RaQ 550
+ Sun Cobalt RaQ XTR
+ Sun Linux 5.0.7
+ Sun Linux 5.0
University of Washington Pine 4.33
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
University of Washington Pine 4.30
University of Washington Pine 4.21
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ Slackware Linux 7.1
+ Slackware Linux 7.0
University of Washington Pine 4.20
+ Turbolinux Turbolinux Workstation 6.0
University of Washington Pine 4.10
+ RedHat Linux 6.1 sparc
+ RedHat Linux 6.1 i386
+ RedHat Linux 6.1 alpha
+ RedHat Linux 6.0 sparc
+ RedHat Linux 6.0 alpha
+ RedHat Linux 6.0
+ S.u.S.E. Linux 6.1 alpha
+ S.u.S.E. Linux 6.1
University of Washington Pine 4.2 x
University of Washington Pine 4.0.4
+ RedHat Linux 5.2 sparc
+ RedHat Linux 5.2 i386
+ RedHat Linux 5.2 alpha
University of Washington Pine 4.0.2
University of Washington Pine 4.0 x
University of Washington Pine 3.98
+ S.u.S.E. Linux 5.3

- Vulnerability discussion

A heap corruption may occur when Pine receives an email message containing a particularly crafted "From:" address. Though the address is RFC compliant, Pine reportedly fails to parse it correctly, resulting in a core dump. Execution of arbitrary code may be possible.

- Exploit

This vulnerability can be triggered by sending an email message containing a "From:" address similar to the following proof-of-concept example provided by Linus Sjöberg (lsjoberg@aland.net):
"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar

- Solution

It is recommended that all Gentoo Linux users who are running
net-mail/pine-4.44-r5 and earlier update their systems as follows:

emerge rsync
emerge pine
emerge clean

The following fixes are available:


University of Washington Pine 3.98

University of Washington Pine 4.0.2

University of Washington Pine 4.0.4

University of Washington Pine 4.10

University of Washington Pine 4.20

University of Washington Pine 4.21

University of Washington Pine 4.30

University of Washington Pine 4.33

University of Washington Pine 4.44

- Related references

 

 
