CVE-2004-0830
CVSS5.0
发布时间 :2004-09-09 00:00:00
修订时间 :2016-10-17 22:49:19
NMCOS    

[原文]The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.


[CNNVD]F-Secure Internet Gatekeeper内容扫描服务器远程拒绝服务漏洞(CNNVD-200409-018)

        
        F-Secure Internet Gatekeeper是反病毒和内容过滤解决方案。
        F-Secure Internet Gatekeeper内容扫描服务存在输入验证错误,远程攻击者可以利用这个漏洞对服务进行拒绝服务攻击。
        F-Secure Internet Gatekeeper能对EMAIL和WEB通信进行自动病毒和内容过滤,在18971端口上的内容扫描器接收到畸形包时存在问题,在解析这些包时可导致应用服务崩溃。根据配置选项,在桌面会提示对话框说明FSAVSD.EXE进程崩溃。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:f-secure:internet_gatekeeper:6.32
cpe:/a:f-secure:f-secure_anti-virus:6.21::ms_exchange
cpe:/a:f-secure:internet_gatekeeper:6.31
cpe:/a:f-secure:internet_gatekeeper:6.3
cpe:/a:f-secure:f-secure_anti-virus:6.2::ms_exchange
cpe:/a:f-secure:f-secure_anti-virus:6.01::ms_exchange
cpe:/a:f-secure:f-secure_content_scanner_server:6.31

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0830
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0830
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200409-018
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=109483205925698&w=2
(UNKNOWN)  BUGTRAQ  20040910 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability
http://www.f-secure.com/security/fsc-2004-2.shtml
(VENDOR_ADVISORY)  CONFIRM  http://www.f-secure.com/security/fsc-2004-2.shtml
http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities
(VENDOR_ADVISORY)  IDEFENSE  20040909 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability
http://www.securityfocus.com/bid/11145
(VENDOR_ADVISORY)  BID  11145
http://xforce.iss.net/xforce/xfdb/17307
(VENDOR_ADVISORY)  XF  fsecure-content-scanner-dos(17307)

- 漏洞信息

F-Secure Internet Gatekeeper内容扫描服务器远程拒绝服务漏洞
中危 其他
2004-09-09 00:00:00 2006-08-16 00:00:00
远程  
        
        F-Secure Internet Gatekeeper是反病毒和内容过滤解决方案。
        F-Secure Internet Gatekeeper内容扫描服务存在输入验证错误,远程攻击者可以利用这个漏洞对服务进行拒绝服务攻击。
        F-Secure Internet Gatekeeper能对EMAIL和WEB通信进行自动病毒和内容过滤,在18971端口上的内容扫描器接收到畸形包时存在问题,在解析这些包时可导致应用服务崩溃。根据配置选项,在桌面会提示对话框说明FSAVSD.EXE进程崩溃。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 配置应用程序之接收已知信任IP地址的连接。
        厂商补丁:
        F-Secure
        --------
        F-Secure Internet Gatekeeper 6.32不存在此问题,建议用户下载使用。
        相关补丁下载:
        
        http://www.f-secure.com/security/fsc-2004-2.shtml

- 漏洞信息

9790
F-Secure Internet Gatekeeper Content Scanner Server Exception Handling DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Unknown

- 漏洞描述

F-Secure Internet Gatekeeper contains a flaw that may allow a remote denial of service. The issue is triggered due to the parsing of malformed packets on port 18,971, which causes the application to crash with an access violation error and will result in loss of availability for the server.

- 时间线

2004-09-09 2004-08-25
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, F-Secure has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

- 漏洞信息

F-Secure Content Scanner Server Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 11145
Yes No
2004-09-09 12:00:00 2009-07-12 07:06:00
Discovery is credited to an anonymous source.

- 受影响的程序版本

F-Secure Internet Gatekeeper 6.32
F-Secure Internet Gatekeeper 6.31
F-Secure Internet Gatekeeper 6.3
F-Secure Content Scanner Server 6.31
F-Secure Anti-Virus for MS Exchange 6.21
F-Secure Anti-Virus for MS Exchange 6.2
F-Secure Anti-Virus for MS Exchange 6.0 1
F-Secure Internet Gatekeeper 6.40 0
F-Secure Anti-Virus for MS Exchange 6.3 0

- 不受影响的程序版本

F-Secure Internet Gatekeeper 6.40 0
F-Secure Anti-Virus for MS Exchange 6.3 0

- 漏洞讨论

F-Secure Content Scanner Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application handles certain malformed packets. This vulnerability causes an unhandled exception in the process leading to a crash in the process.

F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper are vulnerable to this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

F-Secure has released updates and fixes to address this issue:


F-Secure Anti-Virus for MS Exchange 6.0 1

F-Secure Anti-Virus for MS Exchange 6.2

F-Secure Anti-Virus for MS Exchange 6.21

F-Secure Internet Gatekeeper 6.3

F-Secure Content Scanner Server 6.31

F-Secure Internet Gatekeeper 6.31

F-Secure Internet Gatekeeper 6.32

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站