CVE-2002-1388
CVSS4.3
发布时间 :2003-01-02 00:00:00
修订时间 :2008-09-05 16:30:28
NMCOS    

[原文]Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.


[CNNVD]MHonArc m2h_text_html过滤器跨站脚本执行漏洞(CNNVD-200301-006)

        
        MHonArc是一款PERL语言编写的自动解析HTML形式邮件内容的程序,包括在处理过程中从HTML邮件中过滤有危险性的JavaScript标记等功能。
        MHonArc在过滤HTML邮件信息时缺少正确检查,远程攻击者可以利用这个漏洞构建恶意HTML邮件消息,发送给MHonArc系统,可绕过MHonArc使用的HTML过滤技术,产生跨站脚本可执行攻击。
        当用户点击包含恶意脚本代码的链接时,可导致基于Cookie认证的信息泄露,或进行其他非法活动。
        目前尚无具体漏洞细节。
        

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:mhonarc:mhonarc:2.5.12
cpe:/a:mhonarc:mhonarc:2.5.3
cpe:/a:mhonarc:mhonarc:2.4.4
cpe:/a:mhonarc:mhonarc:2.5.2
cpe:/a:mhonarc:mhonarc:2.5.1
cpe:/a:mhonarc:mhonarc:2.5
cpe:/a:mhonarc:mhonarc:2.5.13
cpe:/a:mhonarc:mhonarc:2.5.11

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1388
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1388
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200301-006
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/6479
(VENDOR_ADVISORY)  BID  6479
http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com
(VENDOR_ADVISORY)  CONFIRM  http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com
http://xforce.iss.net/xforce/xfdb/10950
(VENDOR_ADVISORY)  XF  mhonarc-m2htexthtml-filter-xss(10950)
http://www.debian.org/security/2002/dsa-221
(UNKNOWN)  DEBIAN  DSA-221

- 漏洞信息

MHonArc m2h_text_html过滤器跨站脚本执行漏洞
中危 输入验证
2003-01-02 00:00:00 2005-05-13 00:00:00
远程  
        
        MHonArc是一款PERL语言编写的自动解析HTML形式邮件内容的程序,包括在处理过程中从HTML邮件中过滤有危险性的JavaScript标记等功能。
        MHonArc在过滤HTML邮件信息时缺少正确检查,远程攻击者可以利用这个漏洞构建恶意HTML邮件消息,发送给MHonArc系统,可绕过MHonArc使用的HTML过滤技术,产生跨站脚本可执行攻击。
        当用户点击包含恶意脚本代码的链接时,可导致基于Cookie认证的信息泄露,或进行其他非法活动。
        目前尚无具体漏洞细节。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 通过在MHonArc配置文件中增加如下指示而关闭HTML支持:
        
        text/html
        text/x-html
        

        MHonArc 2.4.9版本的需要增加如下代码到配置文件:
        
        text/html; m2h_text_plain::filter; mhtxtplain.pl
        text/x-html; m2h_text_plain::filter; mhtxtplain.pl
        

        厂商补丁:
        MHonArc
        -------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        MHonArc Upgrade MHonArc2.5.14.tar.gz
        
        http://www.mhonarc.org/release/MHonArc/tar/MHonArc2.5.14.tar.gz

- 漏洞信息

7352
MHonArc Web Archive Mail Message XSS
Remote / Network Access Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-12-21 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

MHonArc m2h_text_html Filter Cross Site Scripting Vulnerability
Input Validation Error 6479
Yes No
2002-12-21 12:00:00 2009-07-11 07:17:00
This vulnerability was discovered by the MHonArc team.

- 受影响的程序版本

MHonArc MHonArc 2.5.13
MHonArc MHonArc 2.5.12
MHonArc MHonArc 2.5.11
MHonArc MHonArc 2.5.3
MHonArc MHonArc 2.5.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
MHonArc MHonArc 2.5.1
MHonArc MHonArc 2.5
MHonArc MHonArc 2.4.4
+ Debian Linux 2.2 pre potato
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
MHonArc MHonArc 2.5.14

- 不受影响的程序版本

MHonArc MHonArc 2.5.14

- 漏洞讨论

A cross site scripting vulnerability has been reported for MHonArc.

A specially crafted HTML mail messages may be able to bypass existing HTML filtering techniques imposed by MHonArc. Any MHonArc archives that allow HTML content are vulnerable to this issue.

This vulnerability has been reported to affect all versions of MHonArc 2.5.13 and earlier.

- 漏洞利用

There is no exploit code required.

- 解决方案

MHonArc 2.5.14 is not vulnerable to this issue. Users are advised to obtain the latest version of MHonArc:


MHonArc MHonArc 2.4.4

MHonArc MHonArc 2.5

MHonArc MHonArc 2.5.1

MHonArc MHonArc 2.5.11

MHonArc MHonArc 2.5.12

MHonArc MHonArc 2.5.13

MHonArc MHonArc 2.5.2

MHonArc MHonArc 2.5.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站