CVE-2003-0991
CVSS5.0
发布时间 :2004-03-03 00:00:00
修订时间 :2008-09-05 16:35:44
NMCOS    

[原文]Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.


[CNNVD]GNU Mailman畸形消息远程拒绝服务攻击漏洞(CNNVD-200403-008)

        
        GNU Mailman是由Python开发的共享软件,利用它可以管理邮件列表。
        GNU Mailman在处理部分畸形消息时存在问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:gnu:mailman:2.0:beta4GNU Mailman 2.0 beta4
cpe:/a:gnu:mailman:2.0.9GNU Mailman 2.0.9
cpe:/a:gnu:mailman:2.1GNU Mailman 2.1
cpe:/a:gnu:mailman:2.0.2GNU Mailman 2.0.2
cpe:/a:gnu:mailman:2.0:beta3GNU Mailman 2.0 beta3
cpe:/a:gnu:mailman:2.0.8GNU Mailman 2.0.8
cpe:/a:gnu:mailman:2.0.11GNU Mailman 2.0.11
cpe:/a:gnu:mailman:2.0.6GNU Mailman 2.0.6
cpe:/a:gnu:mailman:2.0.3GNU Mailman 2.0.3
cpe:/a:gnu:mailman:2.0.10GNU Mailman 2.0.10
cpe:/a:gnu:mailman:2.0.13GNU Mailman 2.0.13
cpe:/a:gnu:mailman:1.0GNU Mailman 1.0
cpe:/a:gnu:mailman:2.0.7GNU Mailman 2.0.7
cpe:/a:gnu:mailman:1.1GNU Mailman 1.1
cpe:/a:gnu:mailman:2.0.4GNU Mailman 2.0.4
cpe:/a:gnu:mailman:2.0.1GNU Mailman 2.0.1
cpe:/a:sgi:propack:2.3SGI ProPack 2.3
cpe:/a:gnu:mailman:2.0:beta5GNU Mailman 2.0 beta5
cpe:/a:gnu:mailman:2.0GNU Mailman 2.0
cpe:/a:gnu:mailman:2.0.5GNU Mailman 2.0.5
cpe:/a:gnu:mailman:2.0.12GNU Mailman 2.0.12

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0991
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0991
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200403-008
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/15106
(VENDOR_ADVISORY)  XF  mailman-command-handler-dos(15106)
http://www.securityfocus.com/bid/9620
(VENDOR_ADVISORY)  BID  9620
http://www.redhat.com/support/errata/RHSA-2004-019.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:019
http://www.debian.org/security/2004/dsa-436
(VENDOR_ADVISORY)  DEBIAN  DSA-436
http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html
(VENDOR_ADVISORY)  MLIST  [Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013
(UNKNOWN)  MANDRAKE  MDKSA-2004:013
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842
(UNKNOWN)  CONECTIVA  CLA-2004:842
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
(UNKNOWN)  SGI  20040201-01-U

- 漏洞信息

GNU Mailman畸形消息远程拒绝服务攻击漏洞
中危 输入验证
2004-03-03 00:00:00 2005-05-13 00:00:00
远程  
        
        GNU Mailman是由Python开发的共享软件,利用它可以管理邮件列表。
        GNU Mailman在处理部分畸形消息时存在问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        Debian已经为此发布了一个安全公告(DSA-436-1)以及相应补丁:
        DSA-436-1:New mailman packages fix several vulnerabilities
        链接:
        http://www.debian.org/security/2002/dsa-436

        补丁下载:
        Source archives:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7.dsc

        Size/MD5 checksum: 595 c065353b3cc8462611f585c6eb5ccc43
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7.diff.gz

        Size/MD5 checksum: 31726 c7b00ed98949a0c1a6ad45a6ba22023d
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11.orig.tar.gz

        Size/MD5 checksum: 415129 915264cb1ac8d7b78ea9eff3ba38ee04
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_alpha.deb

        Size/MD5 checksum: 461206 9aa80ef9631d05c03282140cdf7f6a99
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_arm.deb

        Size/MD5 checksum: 458902 abdcfec853f9601645a8bd0929c03531
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_i386.deb

        Size/MD5 checksum: 458912 51f87418e0e3f56c7b7a5905a4457b3a
        Intel IA-64 architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_ia64.deb

        Size/MD5 checksum: 461720 3a0b6936743fea1b99792809fe30fd45
        HP Precision architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_hppa.deb

        Size/MD5 checksum: 459454 0df2f1cb9abbce760a6e01e7cc0ff96f
        Motorola 680x0 architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_m68k.deb

        Size/MD5 checksum: 458996 8333eb0b5eefea56922952e21d6fa1a7
        Big endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_mips.deb

        Size/MD5 checksum: 459442 9f10739182c97b12fea781bb6e6bd0bb
        Little endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_mipsel.deb

        Size/MD5 checksum: 459336 a091672c96a16bfc42d807b4a2a99a11
        PowerPC architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_powerpc.deb

        Size/MD5 checksum: 459744 09e1f59de9a974e43ce1f4616546d4e5
        IBM S/390 architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_s390.deb

        Size/MD5 checksum: 459750 e868d1807361981e8902ae859a1f044f
        Sun Sparc architecture:
        
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody7_sparc.deb

        Size/MD5 checksum: 464212 634004546cf05739d91146dde8910701
        补丁安装方法:
        1. 手工安装补丁包:
         首先,使用下面的命令来下载补丁软件:
         # wget url (url是补丁下载链接地址)
         然后,使用下面的命令来安装补丁:
         # dpkg -i file.deb (file是相应的补丁名)
        2. 使用apt-get自动安装补丁包:
         首先,使用下面的命令更新内部数据库:
         # apt-get update
        
         然后,使用下面的命令安装更新软件包:
         # apt-get upgrade
        GNU
        ---
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        GNU Upgrade mailman-2.1.4.tgz
        
        http://ftp.gnu.org/gnu/mailman/mailman-2.1.4.tgz

        GNU Upgrade mailman-2.1.3.tgz
        
        http://ftp.gnu.org/gnu/mailman/mailman-2.1.3.tgz

        GNU Upgrade mailman-2.1.2.tgz
        
        http://ftp.gnu.org/gnu/mailman/mailman-2.1.2.tgz

        GNU Upgrade mailman-2.1.1.tgz
        
        http://ftp.gnu.org/gnu/mailman/mailman-2.1.1.tgz

        MandrakeSoft
        ------------
        
        http://www.debian.org/security/2004/dsa-436

- 漏洞信息

11749
Mailman Mail Command Handler Malformed E-mail DoS
Remote / Network Access Denial of Service, Input Manipulation
Loss of Availability
Exploit Unknown

- 漏洞描述

Mailman contains a flaw that may allow a remote denial of service. The issue is due to an error in the mail command handler. By sending a specially crafted email command, a remote attacker can cause a denial of service, resulting in loss of availability for the mailman service.

- 时间线

2003-11-18 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.0.14 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

GNU Mailman Malformed Message Remote Denial Of Service Vulnerability
Input Validation Error 9620
Yes No
2004-02-09 12:00:00 2009-07-12 02:06:00
Discovery of this issue has been credited to Matthew Galgoci.

- 受影响的程序版本

SGI ProPack 2.4
SGI ProPack 2.3
GNU Mailman 2.1
GNU Mailman 2.0.14
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
GNU Mailman 2.0.13
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
GNU Mailman 2.0.12
GNU Mailman 2.0.11
+ Debian Linux 3.0
GNU Mailman 2.0.10
GNU Mailman 2.0.9
GNU Mailman 2.0.8
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
- RedHat PowerTools 7.1
- RedHat PowerTools 7.0
GNU Mailman 2.0.7
GNU Mailman 2.0.6
GNU Mailman 2.0.5
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- Debian Linux 2.2
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- RedHat Linux 7.1
- RedHat Linux 7.0
- S.u.S.E. Linux 7.2
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
GNU Mailman 2.0.4
GNU Mailman 2.0.4
GNU Mailman 2.0.3
GNU Mailman 2.0.2
GNU Mailman 2.0.1
GNU Mailman 2.0 beta5
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 beta4
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 beta3
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 .8
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 .7
GNU Mailman 2.0 .6
+ RedHat Linux 7.2 i386
GNU Mailman 2.0 .5
GNU Mailman 2.0 .3
GNU Mailman 2.0 .2
GNU Mailman 2.0 .1
GNU Mailman 2.0
GNU Mailman 1.1
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
GNU Mailman 1.0
+ Debian Linux 2.1
GNU Mailman 2.1.10 b1
GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU Mailman 2.1.3
GNU Mailman 2.1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3

- 不受影响的程序版本

GNU Mailman 2.1.10 b1
GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU Mailman 2.1.3
GNU Mailman 2.1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3

- 漏洞讨论

It has been reported that GNU Mailman is prone to a denial of service vulnerability. Successful exploitation of this issue could cause Mailman to crash, denying service to legitimate users.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

SGI has released an advisory 20040202-01-U to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information. Fixes are available below.

Advisory RHSA-2004:019-04 has been released for Red Hat Enterprise Edition. Users are advised to update their packages immediately. Please see the reference section for more information.

SGI has released an advisory 20040201-01-U with a patch to address this and other issues. Please see the referenced advisory for more information.

Mandrake has released advisory MDKSA-2004:013 and fixes to address this issue.

Debian has released advisory DSA 436-2 to address this issue.

SUSE has released an advisory SuSE-SA:2004:009 to address this and other issues. Please see the advisory for more information.

Conectiva has released an advisory (CLA-2004:842) to address this and other issues. Please see the referenced advisory for more information.

Fixes:


GNU Mailman 1.0

GNU Mailman 1.1

GNU Mailman 2.0 beta3

GNU Mailman 2.0 .3

GNU Mailman 2.0 .7

GNU Mailman 2.0 beta4

GNU Mailman 2.0 .2

GNU Mailman 2.0 beta5

GNU Mailman 2.0 .5

GNU Mailman 2.0

GNU Mailman 2.0 .1

GNU Mailman 2.0 .8

GNU Mailman 2.0 .6

GNU Mailman 2.0.1

GNU Mailman 2.0.10

GNU Mailman 2.0.11

GNU Mailman 2.0.12

GNU Mailman 2.0.13

GNU Mailman 2.0.14

GNU Mailman 2.0.2

GNU Mailman 2.0.3

GNU Mailman 2.0.4

GNU Mailman 2.0.4

GNU Mailman 2.0.5

GNU Mailman 2.0.6

GNU Mailman 2.0.7

GNU Mailman 2.0.8

GNU Mailman 2.0.9

GNU Mailman 2.1

SGI ProPack 2.3

SGI ProPack 2.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站