CVE-2003-0110
CVSS5.0
发布时间 :2003-05-05 00:00:00
修订时间 :2016-10-17 22:29:39
NMCOS    

[原文]The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.


[CNNVD]Microsoft Winsock代理服务远程拒绝服务攻击漏洞(MS03-012)(CNNVD-200305-003)

        
        Microsoft ISA服务器集成可扩展,多层企业级防火墙,可扩展高性能WEB缓冲服务程序。MS Proxy是ISA服务器的前身。
        Microsoft代理服务器不正确处理部分畸形包请求,远程攻击者可以利用这个漏洞对代理服务程序进行拒绝服务攻击。
        ISA Server和MS Proxy 2.0默认安装WinSock代理服务wspsrv.exe,设计用于测试和诊断用途。WSP服务建立UDP协议套接口绑定在1745端口,攻击者发送特殊构建的包可以导致WSP产生无限循环,消耗大量CPU时间,停止对正常服务的响应。
        畸形的包需要有如下特征:
        * 源和目的IP都为ISA服务器。
        * 源和目的端口都为1745。
        * 数据段特殊构建和重组请求格式。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:microsoft:proxy_server:2.0:sp1
cpe:/a:microsoft:isa_server:2000:fp1Microsoft isa_server 2000 fp1
cpe:/a:microsoft:isa_server:2000:sp1Microsoft isa_server 2000 sp1
cpe:/a:microsoft:proxy_server:2.0Microsoft proxy_server 2.0
cpe:/a:microsoft:isa_server:2000Microsoft isa server 2000

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:406Microsoft Winsock Proxy Service Denial of Service
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0110
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0110
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200305-003
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=104994487012027&w=2
(UNKNOWN)  BUGTRAQ  20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000
http://www.idefense.com/advisory/04.09.03.txt
(VENDOR_ADVISORY)  MISC  http://www.idefense.com/advisory/04.09.03.txt
http://www.microsoft.com/technet/security/bulletin/ms03-012.asp
(VENDOR_ADVISORY)  MS  MS03-012

- 漏洞信息

Microsoft Winsock代理服务远程拒绝服务攻击漏洞(MS03-012)
中危 输入验证
2003-05-05 00:00:00 2006-09-25 00:00:00
远程  
        
        Microsoft ISA服务器集成可扩展,多层企业级防火墙,可扩展高性能WEB缓冲服务程序。MS Proxy是ISA服务器的前身。
        Microsoft代理服务器不正确处理部分畸形包请求,远程攻击者可以利用这个漏洞对代理服务程序进行拒绝服务攻击。
        ISA Server和MS Proxy 2.0默认安装WinSock代理服务wspsrv.exe,设计用于测试和诊断用途。WSP服务建立UDP协议套接口绑定在1745端口,攻击者发送特殊构建的包可以导致WSP产生无限循环,消耗大量CPU时间,停止对正常服务的响应。
        畸形的包需要有如下特征:
        * 源和目的IP都为ISA服务器。
        * 源和目的端口都为1745。
        * 数据段特殊构建和重组请求格式。
        

- 公告与补丁

        厂商补丁:
        Microsoft
        ---------
        Microsoft已经为此发布了一个安全公告(MS03-012)以及相应补丁:
        MS03-012:Flaw In Winsock Proxy Service And ISA Server Firewall Service Can Cause Denial Of Service (331066)
        链接:
        http://www.microsoft.com/technet/security/bulletin/MS03-012.asp

        补丁下载:
        Proxy Server 2.0:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=C81688B7-20FB-45EB-BAFD-031A0D2923E6&displaylang=en

        ISA Server:
        English:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=3C43FAD2-A888-4603-84B7-1053C8663436&displaylang=en

        French:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=3C43FAD2-A888-4603-84B7-1053C8663436&displaylang=fr

        German:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=3C43FAD2-A888-4603-84B7-1053C8663436&displaylang=de

        Spanish:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=3C43FAD2-A888-4603-84B7-1053C8663436&displaylang=es

        Japanese:
        
        http://microsoft.com/downloads/details.aspx?FamilyId=3C43FAD2-A888-4603-84B7-1053C8663436&displaylang=ja

- 漏洞信息

6967
Microsoft ISA Server 2000 UDP Packet Winsock DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-04-19 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Microsoft Winsock Proxy Service Remote Denial Of Service Vulnerability
Input Validation Error 7314
Yes No
2003-04-09 12:00:00 2009-07-11 09:06:00
Vulnerability announced by Microsoft.

- 受影响的程序版本

Microsoft Proxy Server 2.0 SP1
Microsoft Proxy Server 2.0
- Microsoft BackOffice 4.5
- Microsoft BackOffice 4.5
- Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0
Microsoft ISA Server 2000 SP1
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft ISA Server 2000 FP1
Microsoft ISA Server 2000
+ Microsoft Small Business Server 2000 0
+ Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server

- 漏洞讨论

It has been reported that Microsoft Proxy Server does not properly handle some types of traffic. Because of this, it is possible for a remote user to cause the host to become unstable and crash.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Microsoft has released patches for this vulnerability. It should be noted that there are localized versions of patches are available for ISA Server.

Patches available:


Microsoft Proxy Server 2.0 SP1

Microsoft ISA Server 2000 FP1

Microsoft ISA Server 2000 SP1

Microsoft ISA Server 2000

Microsoft Proxy Server 2.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站