CVE-2002-1628
CVSS5.0
发布时间 :2002-12-31 00:00:00
修订时间 :2008-09-05 16:31:06
NMCOS    

[原文]Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter.


[CNNVD]MaraDNS远程拒绝服务攻击漏洞(CNNVD-200212-185)

        
        MaraDNS是一个安全的DNS服务器。它最初被设计于工作在Linux和Unix类操作系统,现在已经被移植到了Windows平台。MaraDNS设计的尽可能安全,包含了抵抗缓冲区溢出的功能,要求以非特权用户在一个chroot环境下运行。
        在某些版本的MaraDNS服务器程序中存在一个漏洞,可能使远程攻击者对其实施拒绝服务攻击。
        MaraDNS在处理DNS压缩通讯时存在问题,利用这个漏洞可以使MaraDNS崩溃。早期版本的MaraDNS程序也可能受此漏洞影响。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:mike_spice:mikes_vote_cgi:1.0
cpe:/a:mike_spice:mikes_vote_cgi:1.2
cpe:/a:mike_spice:mikes_vote_cgi:1.1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1628
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1628
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200212-185
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/250107
(PATCH)  CERT-VN  VU#250107
http://xforce.iss.net/xforce/xfdb/7971
(PATCH)  XF  vote-cgi-gain-privileges(7971)
http://www.securityfocus.com/bid/3854
(PATCH)  BID  3854

- 漏洞信息

MaraDNS远程拒绝服务攻击漏洞
中危 输入验证
2002-12-31 00:00:00 2005-10-20 00:00:00
远程  
        
        MaraDNS是一个安全的DNS服务器。它最初被设计于工作在Linux和Unix类操作系统,现在已经被移植到了Windows平台。MaraDNS设计的尽可能安全,包含了抵抗缓冲区溢出的功能,要求以非特权用户在一个chroot环境下运行。
        在某些版本的MaraDNS服务器程序中存在一个漏洞,可能使远程攻击者对其实施拒绝服务攻击。
        MaraDNS在处理DNS压缩通讯时存在问题,利用这个漏洞可以使MaraDNS崩溃。早期版本的MaraDNS程序也可能受此漏洞影响。
        

- 公告与补丁

        临时解决方法:
        此问题没有合适的临时解决方案,请尽快升级到软件的最新版本。
        厂商补丁:
        MaraDNS
        -------
        目前厂商已经在新版本的软件中修补了这个漏洞,我们建议使用此软件的用户到厂商的主页获取最新版本:
        MaraDNS Upgrade maradns-0.5.31.tar.bz2
        
        http://www.maradns.org/download/maradns-0.5.31.tar.bz2

        MaraDNS Upgrade maradns-0.9.01.tar.gz
        
        http://www.maradns.org/download/maradns-0.9.01.tar.gz

- 漏洞信息

3514
Mike's Vote CGI Overwrite Arbitrary File

- 漏洞描述

Mike Spice's Vote CGI contains a flaw that allows a remote attacker to overwrite arbitrary files. The issue is due to the vote.cgi script not sanitizing input supplied to the "type" variable. If an attacker supplies a traversal style attack (../../), they can supply an alternate file to be written to as long as the web server has write privileges to the desired file.

- 时间线

2002-01-16 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Mike Spice Mike's Vote CGI Input Validation Error Vulnerability
Input Validation Error 3854
Yes No
2002-01-09 12:00:00 2009-07-11 09:56:00
Published in the Mike's Vote CGI changelog on January 9, 2002.

- 受影响的程序版本

Mike Spice Mike's Vote CGI 1.2
Mike Spice Mike's Vote CGI 1.1
Mike Spice Mike's Vote CGI 1.0
Mike Spice Mike's Vote CGI 1.3

- 不受影响的程序版本

Mike Spice Mike's Vote CGI 1.3

- 漏洞讨论

Mike's Vote CGI is a program which allows web hosts to add voting capabilities
to web pages and is maintained by Mike Spice.

It may be possible in possible to overwrite system files that are webserver writeable with custom data.

This is due to an input validation vulnerability in 'vote.cgi' when the 'type' CGI variable is passed to the perl open() function. Attackers can use directory traversal '../' character sequences and NULL bytes to specify any file and path on the filesystem.

- 漏洞利用

This vulnerability can be exploited with a web browser.

- 解决方案

Reportedly Mike's Vote CGI version 1.3 is not vulnerable to this issue.


Mike Spice Mike's Vote CGI 1.0

Mike Spice Mike's Vote CGI 1.1

Mike Spice Mike's Vote CGI 1.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站