CVE-2003-0695
CVSS7.5
发布时间 :2003-10-06 00:00:00
修订时间 :2016-10-17 22:36:40
NMCO    

[原文]Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.


[CNNVD]OpenSSH 缓冲区管理错误漏洞(CNNVD-200310-010)

        OpenSSH 3.7.1之前的版本存在多个“缓冲区管理错误”。攻击者使用(1)buffer.c的buffer_init,(2)buffer.c的buffer_free,或者(3)channels.c的separate函数导致服务拒绝或者执行任意代码,该漏洞不同于CVE-2003-0693。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:452Mutliple Buffer Management Errors in OpenSSH
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0695
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0695
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200310-010
(官方数据源) CNNVD

- 其它链接及资源

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000741
(UNKNOWN)  CONECTIVA  CLA-2003:741
http://marc.info/?l=bugtraq&m=106373546332230&w=2
(UNKNOWN)  REDHAT  RHSA-2003:279
http://marc.info/?l=bugtraq&m=106381396120332&w=2
(UNKNOWN)  TRUSTIX  2003-0033
http://marc.info/?l=bugtraq&m=106381409220492&w=2
(UNKNOWN)  BUGTRAQ  20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh)
http://marc.info/?l=bugtraq&m=106382542403716&w=2
(UNKNOWN)  BUGTRAQ  20030917 [slackware-security] OpenSSH updated again (SSA:2003-260-01)
http://marc.info/?l=openbsd-security-announce&m=106375582924840
(UNKNOWN)  MISC  http://marc.info/?l=openbsd-security-announce&m=106375582924840
http://www.debian.org/security/2003/dsa-382
(UNKNOWN)  DEBIAN  DSA-382
http://www.debian.org/security/2003/dsa-383
(VENDOR_ADVISORY)  DEBIAN  DSA-383
http://www.mandriva.com/security/advisories?name=MDKSA-2003:090
(UNKNOWN)  MANDRAKE  MDKSA-2003:090
http://www.openssh.com/txt/buffer.adv
(UNKNOWN)  CONFIRM  http://www.openssh.com/txt/buffer.adv
http://www.redhat.com/support/errata/RHSA-2003-280.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2003:280

- 漏洞信息

OpenSSH 缓冲区管理错误漏洞
高危 未知
2003-10-06 00:00:00 2006-03-28 00:00:00
远程  
        OpenSSH 3.7.1之前的版本存在多个“缓冲区管理错误”。攻击者使用(1)buffer.c的buffer_init,(2)buffer.c的buffer_free,或者(3)channels.c的separate函数导致服务拒绝或者执行任意代码,该漏洞不同于CVE-2003-0693。

- 公告与补丁

        

- 漏洞信息

2557
OpenSSH Multiple Buffer Management Multiple Overflows
Local Access Required, Remote / Network Access Input Manipulation
Loss of Integrity

- 漏洞描述

OpenSSH contains several flaws that may allow remote attackers to execute arbitrary code. The issues occur in the buffer_init and buffer_free functions in buffer.c, as well as an separate function also called buffer_free in channels.c. These functions may provide an attacker with the opportunity to inject custom data that could result in memory manipulation and possibly code execution.

- 时间线

2003-09-16 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 3.7.1 or higher, as it has been reported to fix this vulnerability. Vendor specific patches have also been supplied for earlier versions. Other potential workarounds are to restrict SSH access to trusted hosts or disable the service completely.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站