CVE-2003-0988
CVSS 7.5
Published: 2004-02-17 00:00:00
Last revised: 2016-10-17 22:38:52

[Original] Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.


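[CNNVD] KDE Personal Information Management suite VCF file remote buffer overflow vulnerability (CNNVD-200402-052)

KDE is a free, open-source X desktop manager. The KDE Personal Information Management (kdepim) suite helps users manage e-mail, tasks, contacts and similar information.
kdepim has a buffer overflow when processing VCF file information headers. A remote attacker can exploit this vulnerability by crafting a malicious VCF file and luring a user into opening it, which may execute arbitrary instructions with the privileges of the process.
No detailed information about the vulnerability is currently available.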
        

- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/o:kde:kde:3.1.3
cpe:/o:kde:kde:3.1.2
cpe:/o:kde:kde:3.1.1
cpe:/o:kde:kde:3.1.0

- OVAL (technical details for detection)

oval:org.mitre.oval:def:865 Red Hat Enterprise 3 kdepim VCF File Information Reader BO
oval:org.mitre.oval:def:858 Red Hat kdepim VCF File Information Reader BO
oval:org.mitre.oval:def:10498 Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows ...
*OVAL describes in detail how to detect this vulnerability; more technical details on detecting it can be found in the related OVAL definitions.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0988
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0988
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200402-052
(official data source) CNNVD

- Other links and resources

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000810
(UNKNOWN)  CONECTIVA  CLA-2004:810
http://marc.info/?l=bugtraq&m=107412130407906&w=2
(UNKNOWN)  BUGTRAQ  20040114 KDE Security Advisory: VCF file information reader vulnerability
http://security.gentoo.org/glsa/glsa-200404-02.xml
(UNKNOWN)  GENTOO  GLSA-200404-02
http://www.kb.cert.org/vuls/id/820798
(UNKNOWN)  CERT-VN  VU#820798
http://www.kde.org/info/security/advisory-20040114-1.txt
(VENDOR_ADVISORY)  CONFIRM  http://www.kde.org/info/security/advisory-20040114-1.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:003
(UNKNOWN)  MANDRAKE  MDKSA-2004:003
http://www.redhat.com/support/errata/RHSA-2004-005.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:005
http://www.redhat.com/support/errata/RHSA-2004-006.html
(UNKNOWN)  REDHAT  RHSA-2004:006
http://www.securityfocus.com/bid/9419
(VENDOR_ADVISORY)  BID  9419
http://xforce.iss.net/xforce/xfdb/14833
(VENDOR_ADVISORY)  XF  kde-kdepim-bo(14833)

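- Vulnerability information

KDE Personal Information Management suite VCF file remote buffer overflow vulnerability
High risk  Boundary condition error
2004-02-17 00:00:00 2005-05-13 00:00:00
Remote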
        
        

- Advisories and patches

        Vendor patches:
        Conectiva
        ---------
        
        http://www.debian.org/security/2003/dsa-238

        Debian
        ------
        Debian has released a security advisory (DSA-238-1) and corresponding patches for this issue:
        DSA-238-1: New kdepim packages fix several vulnerabilities
        Link:
        http://www.debian.org/security/2002/dsa-238

        Patch downloads:

- Vulnerability information

3472
KDE kdepim VCF File handling Overflow
Input Manipulation
Loss of Integrity

- Vulnerability description

Unknown or Incomplete

- Timeline

2004-01-14 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

KDE Personal Information Management Suite VCF File Remote Buffer Overflow Vulnerability
Boundary Condition Error 9419
Yes No
2004-01-14 12:00:00 2009-07-12 02:06:00
The disclosure of this issue has been credited to the KDE team.

- Affected program versions

Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux -current
RedHat kdepim-devel-3.1-5.i386.rpm
RedHat kdepim-3.1-5.i386.rpm
Red Hat Fedora Core1
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
Mandriva Linux Mandrake 9.1 ppc
Mandriva Linux Mandrake 9.1
KDE KDE 3.1.4
KDE KDE 3.1.3
+ Red Hat Enterprise Linux AS 3
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
KDE KDE 3.1.2
+ Conectiva Linux 9.0
+ Conectiva Linux 9.0
+ KDE KDE 3.1.2
KDE KDE 3.1.1 a
KDE KDE 3.1.1
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. Linux Personal 8.2
KDE KDE 3.1
+ RedHat Linux 9.0 i386
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.1
KDE KDE 3.1.5

- Unaffected program versions

KDE KDE 3.1.5

- Discussion

It has been reported that KDE kdepim may be prone to a remote buffer overflow vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system in order to gain unauthorized access. The issue presents itself when an attacker sends a malformed VCF file to a user on a vulnerable system. An attacker may be able to execute arbitrary code on a vulnerable system if the malicious VCF file is opened by the user.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Slackware has released an advisory SSA:2004-014-01 with fixes to address this issue. Please see the referenced advisory for additional information. Fixes are linked below.

The vendor has released KDE version 3.1.5 to address this issue. A patch has been made available for KDE 3.1.4 for users who are unable to upgrade to version 3.1.5.

RedHat has released an advisory RHSA-2004:006-01 with fixes to address this issue. Please see the referenced advisory for more information.

Mandrake has released an advisory MDKSA-2004:003 with fixes to address this issue. Please see the referenced advisory for more information.

Conectiva has released advisory CLA-2004:810 to address this issue.

Gentoo Linux has released advisory GLSA 200404-02 dealing with this issue. It advises users to upgrade to the newer package using the following sequence of commands:

Gentoo KDE users should upgrade to version 3.1.5 or later:
emerge sync
emerge -pv ">=kde-base/kde-3.1.5"
emerge ">=kde-base/kde-3.1.5"

Please see the referenced Gentoo advisory for more information.

Red Hat Fedora has released advisory FEDORA-2004-133 dealing with this issue. Please see the referenced advisory for more information.


RedHat kdepim-3.1-5.i386.rpm

Red Hat Fedora Core1

Slackware Linux -current

RedHat kdepim-devel-3.1-5.i386.rpm

KDE KDE 3.1.4

Slackware Linux 9.0

Slackware Linux 9.1

Mandriva Linux Mandrake 9.1

Mandriva Linux Mandrake 9.1 ppc

Mandriva Linux Mandrake 9.2 amd64

Mandriva Linux Mandrake 9.2

- Related references
