CVE-2003-0785
CVSS 7.5
Published: 2003-10-06 00:00:00
Revised: 2008-09-10 15:20:26

[Original] ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.


[CNNVD] ipmasq Incorrect Packet Forwarding Default Ruleset Vulnerability (CNNVD-200310-015)

        
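        ipmasq is a Linux IP masquerading tool that allows multiple hosts to share a single public IP address.
        The firewall rules that ipmasq includes by default cause traffic to be forwarded incorrectly on the gateway; a remote attacker can exploit this vulnerability to gain unauthorized access to the internal network and to vulnerable protected hosts.
        Because some of the firewall rules are incorrect, some traffic arriving on the external interface is forwarded to the internal interface regardless of whether a connection has been established. This lets an attacker forward traffic to arbitrary internal destination addresses, leading to information disclosure or attacks on vulnerable hosts.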
        

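- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may cause reduced performance or interrupted access to resources]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]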

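- CPE (affected platforms and products)

Product and version information (CPE) is not yet available

- OVAL (technical details for detection)

No related OVAL definition found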

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0785
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0785
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200310-015
(official data source) CNNVD

- Other links and resources

http://www.debian.org/security/2003/dsa-389
(VENDOR_ADVISORY)  DEBIAN  DSA-389

- Vulnerability information

ipmasq Incorrect Packet Forwarding Default Ruleset Vulnerability
High risk  Configuration error
2003-10-06 00:00:00 2005-10-20 00:00:00
Remote
        
        

- Advisories and patches

        Vendor patch:
        Debian
        ------
        
        http://www.debian.org/security/2003/dsa-389

- Vulnerability information (F31686)

DSA-389-1 (PacketStormID:F31686)
2003-09-23 00:00:00
 
advisory
linux,debian
CVE-2003-0785

Debian Security Advisory DSA 389-1 - ipmasq below version 3.5.12 creates improper filtering rules that will allow traffic on an external interface to route to an internal host via forwarding.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 389-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
September 20th, 2003                    http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ipmasq
Vulnerability  : insecure packet filtering rules
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0785

ipmasq is a package which simplifies configuration of Linux IP
masquerading, a form of network address translation which allows a
number of hosts to share a single public IP address.  Due to use of
certain improper filtering rules, traffic arriving on the external
interface addressed for an internal host would be forwarded,
regardless of whether it was associated with an established
connection.  This vulnerability could be exploited by an attacker
capable of forwarding IP traffic with an arbitrary destination address
to the external interface of a system with ipmasq installed.

For the current stable distribution (woody) this problem has been
fixed in version 3.5.10c.

For the unstable distribution (sid) this problem has been fixed in
version 3.5.12.

We recommend that you update your ipmasq package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/i/ipmasq/ipmasq_3.5.10c.dsc
      Size/MD5 checksum:      502 f5f259d819d47b687c3da42d931b1404
    http://security.debian.org/pool/updates/main/i/ipmasq/ipmasq_3.5.10c.tar.gz
      Size/MD5 checksum:    30656 e9a9a1f86bd88dcceaeba900698165bb

  Architecture independent components:

    http://security.debian.org/pool/updates/main/i/ipmasq/ipmasq_3.5.10c_all.deb
      Size/MD5 checksum:    47748 199a747d5c48c145cf34772f26cbba4d

  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
    

- Vulnerability information

11743
ipmasq External Interface Packet Forward Restriction Bypass

- Vulnerability description

Unknown or Incomplete

- Timeline

2003-08-20 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- References

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

ipmasq Incorrect Packet Forwarding Default Ruleset Vulnerability
Configuration Error 8664
Yes No
2003-09-20 12:00:00 2009-07-11 11:56:00
The disclosure of this issue has been credited to the vendor.

- Affected program versions

Brian Bassett ipmasq 3.5.10
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0

- Vulnerability discussion

Debian has reported that the firewall rules configured by ipmasq may result in incorrect forwarding of traffic on the gateway host. According to the report, any traffic destined for internal hosts arriving at the external interface of the gateway will be forwarded to the destination host on the internal network regardless of whether the packet can be associated with an established connection or not. This behavior is incorrect and may result in attackers gaining unauthorized access to internal and potentially more vulnerable hosts.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Debian has issued fixes, listed in advisory DSA-389-1. See the reference section.


Brian Bassett ipmasq 3.5.10

- References

     

     
