CVE-2004-1597
CVSS5.0
发布时间 :2004-10-13 00:00:00
修订时间 :2016-10-17 22:57:18
NMCOS    

[原文]RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.


[CNNVD]Research In Motion Blackberry远程服务拒绝漏洞(CNNVD-200410-012)

        运行RIM Blackberry OS 3.7 SP1版本的RIM Blackberry 7230存在漏洞。远程攻击者可以借助带有超长Location 字段的日历信息导致服务拒绝(设备重启或可能数据破坏),在信息储存时引起watchdog。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1597
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1597
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200410-012
(官方数据源) CNNVD

- 其它链接及资源

http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027487.html
(VENDOR_ADVISORY)  FULLDISC  20041012 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss
http://marc.info/?l=bugtraq&m=109769022430842&w=2
(UNKNOWN)  BUGTRAQ  20041013 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss
http://marc.info/?l=bugtraq&m=109778267829493&w=2
(UNKNOWN)  BUGTRAQ  20041014 [HV-MED] UPDATE: RIM Blackberry DoS, data loss
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0
(VENDOR_ADVISORY)  CONFIRM  http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0
http://www.hexview.com/docs/20041012-1.txt
(VENDOR_ADVISORY)  MISC  http://www.hexview.com/docs/20041012-1.txt
http://www.securityfocus.com/bid/11389
(VENDOR_ADVISORY)  BID  11389
http://xforce.iss.net/xforce/xfdb/17700
(VENDOR_ADVISORY)  XF  blackberry-calendar-bo(17700)

- 漏洞信息

Research In Motion Blackberry远程服务拒绝漏洞
中危 其他
2004-10-13 00:00:00 2006-08-23 00:00:00
远程  
        运行RIM Blackberry OS 3.7 SP1版本的RIM Blackberry 7230存在漏洞。远程攻击者可以借助带有超长Location 字段的日历信息导致服务拒绝(设备重启或可能数据破坏),在信息储存时引起watchdog。

- 公告与补丁

        The vendor has reported that this issue has been addressed in version 3.8 and 4.0 of the handheld software.
        Additionally, the vendor has released server level updates:
        BlackBerry Enterprise Server 4.0
        BlackBerry Enterprise Server 3.6 Service Pack 4 Hot Fix #1 for Microsoft Exchange
        BlackBerry Enterprise Server for IBM Lotus Domino version 2.2 Service Pack 4 Hot Fix #1
        These updates will prevent the servers from delivering malicious meeting request messages to the handheld devices.

- 漏洞信息

10725
BlackBerry Long Calendar Message Forced Reset DoS
Remote / Network Access Denial of Service
Loss of Confidentiality, Loss of Integrity, Loss of Availability
Exploit Public

- 漏洞描述

The RIM Blackberry 7230 does not perform proper bounds checking on calendar data sent to the device; as a result, a buffer can be overflowed. Specifically, the Location: field, if sent with a value of over 128K from Microsoft Outlook, will trigger this overflow. This will cause the device to unexpectedly reboot which deletes all information in RAM. Arbitrary code execution may also possible.

- 时间线

2004-10-12 2004-10-12
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Research In Motion Blackberry Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 11389
Yes No
2004-10-13 12:00:00 2009-07-12 07:06:00
The individual responsible for the discovery of this issue is currently unknown; HexView is credited with disclosure of this issue.

- 受影响的程序版本

Research In Motion Blackberry 7230 3.7.1 .41
Research In Motion Blackberry 7230 4.0
Research In Motion Blackberry 7230 3.8

- 不受影响的程序版本

Research In Motion Blackberry 7230 4.0
Research In Motion Blackberry 7230 3.8

- 漏洞讨论

The Research In Motion Blackberry 7230 is affected by a remote denial of service vulnerability. This issue is due to the device attempting to copy a long message in to flash memory.

An attacker may leverage this issue to cause the affected device to restart, causing a loss of all email messages saved on the device.

Update: This issue was originally identified as a buffer overflow vulnerability. New information suggests that it is only a remote denial of service condition. This BID is being updated to reflect this information.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

The vendor has reported that this issue has been addressed in version 3.8 and 4.0 of the handheld software.

Additionally, the vendor has released server level updates:
BlackBerry Enterprise Server 4.0
BlackBerry Enterprise Server 3.6 Service Pack 4 Hot Fix #1 for Microsoft Exchange
BlackBerry Enterprise Server for IBM Lotus Domino version 2.2 Service Pack 4 Hot Fix #1

These updates will prevent the servers from delivering malicious meeting request messages to the handheld devices.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站