CVE-2004-0512
CVSS2.1
发布时间 :2004-12-23 00:00:00
修订时间 :2008-09-05 16:38:37
NMCOP    

[原文]Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.


[CNNVD]OpenServer MMDF多个缓冲区溢出漏洞(CNNVD-200412-100)

        
        OpenServer是一款由Caldera维护的商业性质Unix类型操作系统。
        OpenServer的MMDF包中execmail存在缓冲区溢出,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击,提升权限。
        另外MMDF存在NULL指针废弃和Core Dump问题,可导致应用程序崩溃,
        

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:sco:openserver:5.0.6
cpe:/o:sco:openserver:5.0.7
cpe:/o:sco:openserver:5.0.6a

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0512
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0512
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-100
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/16740
(VENDOR_ADVISORY)  XF  openserver-mmdf-dos(16740)
http://www.securityfocus.com/bid/10758
(VENDOR_ADVISORY)  BID  10758
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.7/SCOSA-2004.7.txt
(VENDOR_ADVISORY)  SCO  SCOSA-2004.7

- 漏洞信息

OpenServer MMDF多个缓冲区溢出漏洞
低危 边界条件错误
2004-12-23 00:00:00 2005-10-20 00:00:00
远程※本地  
        
        OpenServer是一款由Caldera维护的商业性质Unix类型操作系统。
        OpenServer的MMDF包中execmail存在缓冲区溢出,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击,提升权限。
        另外MMDF存在NULL指针废弃和Core Dump问题,可导致应用程序崩溃,
        

- 公告与补丁

        厂商补丁:
        Caldera
        -------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        OpenServer 5.0.7
         4.1 Location of Fixed Binaries
         ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.7
         SCO OpenServer Release 5.0.7 Maintenance Pack 3及之后版本也包含此补丁:
        
        http://www.sco.com/support/update/download/osr507list.html.

        OpenServer 5.0.6
         5.1 Location of Fixed Binaries
         ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.7

- 漏洞信息 (F33830)

SCOSA-2004.7.txt (PacketStormID:F33830)
2004-07-20 00:00:00
 
advisory,overflow,vulnerability
CVE-2004-0510,CVE-2004-0511,CVE-2004-0512
[点击下载]

SCO Security Advisory - Multiple vulnerabilities have been found in the MMDF binaries included with SCO Openserver versions 5.0.6 and 5.0.7. These include buffer overflows, null dereferences, and core dumps.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

			SCO Security Advisory

Subject:		OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues
Advisory number: 	SCOSA-2004.7
Issue date: 		2004 July 14
Cross reference: 	sr884728 fz528322 erg712434 CAN-2004-0510 CAN-2004-0511 CAN-2004-0512
______________________________________________________________________________


1. Problem Description

	Deprotect discovered a buffer overflow in execmail.  After reviewing 
	our code we determined the whole MMDF package needed a security audit.

	Various buffer overflows and other security issues that affect all 
	MMDF binaries have been corrected. 

	All but one of the MMDF binaries that were setuid root are no 
	longer setuid. 

	Additional changes in this version of MMDF are documented at
	ftp://ftp.sco.com/pub/openserver5/507/mp/mp3/osr507mp3.html#rn507mp_mmdf
	and in the updated man pages which are included in SCOSA-2004.7

	The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned MMDF buffer overflows the name CAN-2004-0510.

	The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned MMDF null dereferences the name CAN-2004-0511.

	The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned MMDF core dumps the name CAN-2004-0512.

2. Vulnerable Supported Versions

	System			Binaries
	----------------------------------------------------------------------
	OpenServer 5.0.6 	MMDF Distribution
	OpenServer 5.0.7 	MMDF Distribution

3. Solution

	The proper solution is to install the latest packages.

4. OpenServer 5.0.7

	4.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.7

	The fixes are also available in SCO OpenServer Release 5.0.7 
	Maintenance Pack 3 or later.  See
	http://www.sco.com/support/update/download/osr507list.html.

5. OpenServer 5.0.6   

	5.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.7

	5.2 Verification

	MD5 (VOL.000.000) = 7d079342022ff408e479184fab3ee86b

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

	5.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	1) Download the VOL* files to a directory

	2) Run the custom command, specify an install from media
	images, and specify the download directory as the location of
	the images.


6. References

	Specific references for this advisory:
		http://www.deprotect.com/advisories/DEPROTECT-20040206.txt

	SCO security resources:
		http://www.sco.com/support/security/index.html

	SCO security advisories via email
		http://www.sco.com/support/forums/security.html

	This security fix closes SCO incidents sr884728 fz528322
	erg712434.


7. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.


8. Acknowledgments

	SCO would like to thank Deprotect which describes itself 
	as "a Swedish based security company divided into four 
	divisions; Managed Security Services, Security Services, 
	Products and Development and our Security Academy."

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)

iD8DBQFA/BA7aqoBO7ipriERAlNkAJ4wc5INlU2E1vS0FvfHIBZBWVZncgCgguCU
5eD+BJzK6BCNVJAbF1y1Jic=
=yfK9
-----END PGP SIGNATURE-----
    

- 漏洞信息

8097
SCO OpenServer MMDF Core Dumps DoS
Remote / Network Access Denial of Service, Input Manipulation
Loss of Availability
Exploit Unknown

- 漏洞描述

OpenServer contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified core dump vulnerability in the MMDF package is exploited, and will result in loss of availability for the service.

- 时间线

2004-07-14 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, SCO has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站