CVE-2003-0427
CVSS7.5
发布时间 :2003-07-24 00:00:00
修订时间 :2010-08-21 00:16:03
NMCOS    

[原文]Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.


[CNNVD]MikMod超长文件名本地缓冲区溢出漏洞(CNNVD-200307-033)

        
        MikMod是可携带模组播放程式可以播放XM、ULT、STM、S3M、MTM、MOD和UNI等格式。
        MikMod不正确处理部分类型的输入,本地攻击者可以利用这个漏洞提升权限。
        问题应该是MikMod不正确处理归档文件中超长文件名,当被MikMod处理时可触发缓冲区溢出,可能以其他用户权限在系统上执行任意指令。具体漏洞细节没有提供。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:647mikmod Long Filename Buffer Overflow
oval:org.mitre.oval:def:10194Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with ...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0427
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0427
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200307-033
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2003/dsa-320
(VENDOR_ADVISORY)  DEBIAN  DSA-320
http://www.redhat.com/support/errata/RHSA-2005-506.html
(UNKNOWN)  REDHAT  RHSA-2005:506

- 漏洞信息

MikMod超长文件名本地缓冲区溢出漏洞
高危 边界条件错误
2003-07-24 00:00:00 2005-10-20 00:00:00
本地  
        
        MikMod是可携带模组播放程式可以播放XM、ULT、STM、S3M、MTM、MOD和UNI等格式。
        MikMod不正确处理部分类型的输入,本地攻击者可以利用这个漏洞提升权限。
        问题应该是MikMod不正确处理归档文件中超长文件名,当被MikMod处理时可触发缓冲区溢出,可能以其他用户权限在系统上执行任意指令。具体漏洞细节没有提供。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        
        http://www.debian.org/security/2003/dsa-320

- 漏洞信息

4322
mikmod Filename Local Overflow
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-06-13 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

MikMod Long File Name Local Buffer Overflow Vulnerability
Boundary Condition Error 7914
No Yes
2003-06-14 12:00:00 2009-07-11 10:06:00
Discovery credited to Ingo Saitz.

- 受影响的程序版本

SGI ProPack 3.0
SGI Advanced Linux Environment 3.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
mikmod mikmod 3.1.6

- 漏洞讨论

It has been reported that mikmod does not properly handle some types of input. Because of this, an attacker may be able to gain unauthorized privileges on a system using the program.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Fedora advisory FEDORA-2005-404 Fedora Core 3 is available to address this issue. Fixes may be installed using the Red Hat Update Agent; this can be accomplished using the 'up2date' command. Please see the referenced advisory for more information.

Debian has released advisory DSA 320-1 with fixes to address this issue. See referenced advisory for additional details.

It is recommended that all Gentoo Linux users who are running
media-sound/mikmod upgrade to mikmod-3.1.6a as follows

emerge sync
emerge mikmod
emerge clean

Red Hat has released advisory RHSA-2005:506-08 to address this issue. Please see the referenced advisory for more information.

Red Hat has released advisory FEDORA-2005-405 to address this issue for Fedora Core 4. Please see the referenced advisory for further information.

SGI has released advisory 20050603-01-U to address this, and other issues for SGI Advanced Linux Environment 3, and SGI ProPack 3 Service Pack 5. Please see the referenced advisory for further information.


mikmod mikmod 3.1.6

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站