CVE-2003-0143
CVSS 10.0
Published: 2003-03-18 00:00:00
Revised: 2016-10-17 22:30:04

[Original] The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.


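[CNNVD] Qpopper remote memory corruption vulnerability (CNNVD-200303-046)

        The pop_msg function in Qpopper 4.0.x versions before 4.0.5fc2 does not null-terminate the message buffer after the Qvsnprintf call. Authenticated users can execute arbitrary code via a buffer overflow in an mdef command with an overly long macro name.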

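- CVSS (Base Score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected Platforms and Products)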

cpe:/a:qualcomm:qpopper:4.0.1
cpe:/a:qualcomm:qpopper:4.0.2
cpe:/a:qualcomm:qpopper:4.0.3
cpe:/a:qualcomm:qpopper:4.0.4

- OVAL (Technical Details for Detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0143
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0143
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200303-046
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=104739841223916&w=2
(UNKNOWN)  BUGTRAQ  20030310 QPopper 4.0.x buffer overflow vulnerability
http://marc.info/?l=bugtraq&m=104748775900481&w=2
(UNKNOWN)  BUGTRAQ  20030312 Re: QPopper 4.0.x buffer overflow vulnerability
http://marc.info/?l=bugtraq&m=104768137314397&w=2
(UNKNOWN)  BUGTRAQ  20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper)
http://marc.info/?l=bugtraq&m=104792541215354&w=2
(UNKNOWN)  GENTOO  GLSA-200303-12
http://www.debian.org/security/2003/dsa-259
(VENDOR_ADVISORY)  DEBIAN  DSA-259
http://www.novell.com/linux/security/advisories/2003_018_qpopper.html
(UNKNOWN)  SUSE  SuSE-SA:2003:018
http://www.securityfocus.com/bid/7058
(VENDOR_ADVISORY)  BID  7058
http://xforce.iss.net/xforce/xfdb/11516
(VENDOR_ADVISORY)  XF  qpopper-popmsg-macroname-bo(11516)

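- Vulnerability information

Qpopper remote memory corruption vulnerability
Critical    Buffer overflow
2003-03-18 00:00:00 2005-05-13 00:00:00
Remote
        The pop_msg function in Qpopper 4.0.x versions before 4.0.5fc2 does not null-terminate the message buffer after the Qvsnprintf call. Authenticated users can execute arbitrary code via a buffer overflow in an mdef command with an overly long macro name.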

- Advisories and patches

        Sun have released a security update to address this issue in the RAQ XTR. Please see references section for further details. A fix is linked below.
        SuSE has released a security advisory (SuSE-SA:2003:018) which contains fixes for this issue. Users are advised to upgrade as soon as possible.
        Gentoo Linux have released an advisory that addresses this vulnerability (200303-12), users who are running net-mail/qpopper are advised to upgrade to qpopper-4.0.5 by issuing the following commands:
        emerge sync
        emerge qpopper
        emerge clean
        Debian has released a security advisory (DSA-259-1) which contains fixes for this issue. Users are advised to upgrade as soon as possible.
        Qpopper version 4.0.5fc2 contains fixes for this issue. The vendor has also reported that the final version of 4.0.5 is pending release, and will also contain the fixes for this issue.
        *** Additional information has been released which puts in question the changes made in Qpopper version 4.0.5fc2. As a result, users who have updated Qpopper may still be affected by this issue. Further details are available in the references section.
        Sun Cobalt RaQ XTR
        
        Qualcomm qpopper 4.0.1
        
        Qualcomm qpopper 4.0.2
        
        Qualcomm qpopper 4.0.3
        
        Qualcomm qpopper 4.0.4
        
