CVE-2005-0706
CVSS7.5
发布时间 :2005-05-02 00:00:00
修订时间 :2010-08-21 00:26:52
NMCOPS    

[原文]Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.


[CNNVD]Grip CDDB Response Multiple Matches缓冲区溢出漏洞(CNNVD-200505-627)

        grip 3.1.2的discdb.c存在缓冲区溢出,攻击者可以通过让cddb查找返回超过预期量的匹配结果从而发起拒绝服务攻击(崩溃)并可能执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:grip:grip:2.9.6
cpe:/a:grip:grip:3.2.0
cpe:/a:grip:grip:3.1.2
cpe:/a:grip:grip:3.1.4

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10768Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by caus...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0706
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0706
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-627
(官方数据源) CNNVD

- 其它链接及资源

http://security.gentoo.org/glsa/glsa-200503-21.xml
(PATCH)  GENTOO  GLSA-200503-21
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html
(UNKNOWN)  FEDORA  FEDORA-2008-11956
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00490.html
(UNKNOWN)  FEDORA  FEDORA-2008-9521
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00429.html
(UNKNOWN)  FEDORA  FEDORA-2008-9604
http://xforce.iss.net/xforce/xfdb/19648
(UNKNOWN)  XF  grip-cddb-bo(19648)
http://www.securityfocus.com/bid/12770
(UNKNOWN)  BID  12770
http://www.redhat.com/support/errata/RHSA-2009-0005.html
(UNKNOWN)  REDHAT  RHSA-2009:0005
http://www.redhat.com/support/errata/RHSA-2005-304.html
(UNKNOWN)  REDHAT  RHSA-2005:304
http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714
(VENDOR_ADVISORY)  MISC  http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714
http://sourceforge.net/tracker/index.php?func=detail&aid=1160134&group_id=3714&atid=303714
(UNKNOWN)  CONFIRM  http://sourceforge.net/tracker/index.php?func=detail&aid=1160134&group_id=3714&atid=303714
http://secunia.com/advisories/33824
(UNKNOWN)  SECUNIA  33824
http://secunia.com/advisories/33389
(UNKNOWN)  SECUNIA  33389
http://secunia.com/advisories/32803
(UNKNOWN)  SECUNIA  32803
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152919
(UNKNOWN)  FEDORA  FLSA:152919
http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html
(UNKNOWN)  CONFIRM  http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html

- 漏洞信息

Grip CDDB Response Multiple Matches缓冲区溢出漏洞
高危 缓冲区溢出
2005-05-02 00:00:00 2009-03-07 00:00:00
远程  
        grip 3.1.2的discdb.c存在缓冲区溢出,攻击者可以通过让cddb查找返回超过预期量的匹配结果从而发起拒绝服务攻击(崩溃)并可能执行任意代码。

- 公告与补丁

        暂无数据

- 漏洞信息 (F72142)

Mandriva Linux Security Advisory 2008-233 (PacketStormID:F72142)
2008-11-20 00:00:00
Mandriva  mandriva.com
advisory,overflow,arbitrary
linux,mandriva
CVE-2005-0706,CVE-2008-5030
[点击下载]

Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:233
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : libcdaudio
 Date    : November 20, 2008
 Affected: 2008.1, 2009.0, Corporate 3.0
 _______________________________________________________________________

 Problem Description:

 A heap overflow was found in the CDDB retrieval code of libcdaudio,
 which could result in the execution of arbitrary code (CVE-2008-5030).
 
 In addition, the fixes for CVE-2005-0706 were not applied to newer
 libcdaudio packages as shipped with Mandriva Linux, so the patch to fix
 that issue has been applied to 2008.1 and 2009.0 (this was originally
 fixed in MDKSA-2005:075).  This issue is a buffer overflow flaw found
 by Joseph VanAndel.  Corporate 3.0 has this fix already applied.
 
 The updated packages have been patched to prevent these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0706
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 6978cf6d84f22686062d62b45863f81f  2008.1/i586/libcdaudio1-0.99.12-5.1mdv2008.1.i586.rpm
 126a243d197bf8d847597357546dfc58  2008.1/i586/libcdaudio1-devel-0.99.12-5.1mdv2008.1.i586.rpm 
 3dd42d183a63a921ec56b129b86f3f02  2008.1/SRPMS/libcdaudio-0.99.12-5.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 76ca25627276138014833e61a8fe6c4e  2008.1/x86_64/lib64cdaudio1-0.99.12-5.1mdv2008.1.x86_64.rpm
 87e8e0c3d0179573ca8c61295a228bed  2008.1/x86_64/lib64cdaudio1-devel-0.99.12-5.1mdv2008.1.x86_64.rpm 
 3dd42d183a63a921ec56b129b86f3f02  2008.1/SRPMS/libcdaudio-0.99.12-5.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 48351a32506f711f934042c5d6f123d7  2009.0/i586/libcdaudio1-0.99.12-6.1mdv2009.0.i586.rpm
 f3df7e51ad855e834c0a37ef4113a6dd  2009.0/i586/libcdaudio1-devel-0.99.12-6.1mdv2009.0.i586.rpm 
 72653605f19d2365a7c440d21044969a  2009.0/SRPMS/libcdaudio-0.99.12-6.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 b2d85ef8098faccc154309fba1a8214c  2009.0/x86_64/lib64cdaudio1-0.99.12-6.1mdv2009.0.x86_64.rpm
 8c4d1001de404c10a4f11788955b2ab9  2009.0/x86_64/lib64cdaudio1-devel-0.99.12-6.1mdv2009.0.x86_64.rpm 
 72653605f19d2365a7c440d21044969a  2009.0/SRPMS/libcdaudio-0.99.12-6.1mdv2009.0.src.rpm

 Corporate 3.0:
 93eee111cae34c40cbf8c82477874919  corporate/3.0/i586/libcdaudio1-0.99.9-1.2.C30mdk.i586.rpm
 d3ab78c3ae2d85be72b044918b6938b2  corporate/3.0/i586/libcdaudio1-devel-0.99.9-1.2.C30mdk.i586.rpm 
 ff91319a5e9298e220ca7ca356dbd4a4  corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 87a069d1a5c43fa936e431ad148b45a5  corporate/3.0/x86_64/libcdaudio1-0.99.9-1.2.C30mdk.x86_64.rpm
 4e4bfc437a44bfad8837c8d2e1f8cfe5  corporate/3.0/x86_64/libcdaudio1-devel-0.99.9-1.2.C30mdk.x86_64.rpm 
 ff91319a5e9298e220ca7ca356dbd4a4  corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJJa8RmqjQ0CJFipgRAgA+AKC25MuoSNFyx40c7MjmoReX+9N8CACgm5UY
Kg8WqVu7/YREp8ux12HWKhk=
=qeH8
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F37079)

Gentoo Linux Security Advisory 200504-7 (PacketStormID:F37079)
2005-04-17 00:00:00
Gentoo  security.gentoo.org
advisory,overflow
linux,gentoo
CVE-2005-0706
[点击下载]

Gentoo Linux Security Advisory GLSA 200504-07 - Joseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results (see GLSA 200503-21). The same overflow is present in GnomeVFS and libcdaudio code. Versions less than 2.8.4-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200504-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: GnomeVFS, libcdaudio: CDDB response overflow
      Date: April 08, 2005
      Bugs: #84936
        ID: 200504-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The GnomeVFS and libcdaudio libraries contain a buffer overflow that
can be triggered by a large CDDB response, potentially allowing the
execution of arbitrary code.

Background
==========

GnomeVFS is a filesystem abstraction library for the GNOME desktop
environment. libcdaudio is a multi-platform CD player development
library. They both include code to query CDDB servers to get Audio CD
track titles.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /   Vulnerable   /              Unaffected
    -------------------------------------------------------------------
  1  gnome-base/gnome-vfs       < 2.8.4-r1                 >= 2.8.4-r1
  2  media-libs/libcdaudio     < 0.99.10-r1              >= 0.99.10-r1
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Joseph VanAndel has discovered a buffer overflow in Grip when
processing large CDDB results (see GLSA 200503-21). The same overflow
is present in GnomeVFS and libcdaudio code.

Impact
======

A malicious CDDB server could cause applications making use of GnomeVFS
or libcdaudio libraries to crash, potentially allowing the execution of
arbitrary code with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All GnomeVFS users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=gnome-base/gnome-vfs-2.8.4-r1"

All libcdaudio users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/libcdaudio-0.99.10-r1"

References
==========

  [ 1 ] CAN-2005-0706
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
  [ 2 ] GLSA 200503-21
        http://www.gentoo.org/security/en/glsa/glsa-200503-21.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200504-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

    

- 漏洞信息 (F36685)

Gentoo Linux Security Advisory 200503-21 (PacketStormID:F36685)
2005-03-22 00:00:00
Gentoo  security.gentoo.org
advisory,overflow
linux,gentoo
CVE-2005-0706
[点击下载]

Gentoo Linux Security Advisory GLSA 200503-21 - Joseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results. Versions less than 3.3.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200503-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Grip: CDDB response overflow
      Date: March 17, 2005
      Bugs: #84704
        ID: 200503-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Grip contains a buffer overflow that can be triggered by a large CDDB
response, potentially allowing the execution of arbitrary code.

Background
==========

Grip is a GTK+ based audio CD player/ripper.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  media-sound/grip       < 3.3.0                           >= 3.3.0

Description
===========

Joseph VanAndel has discovered a buffer overflow in Grip when
processing large CDDB results.

Impact
======

A malicious CDDB server could cause Grip to crash by returning more
then 16 matches, potentially allowing the execution of arbitrary code
with the privileges of the user running the application.

Workaround
==========

Disable automatic CDDB queries, but we highly encourage users to
upgrade to 3.3.0.

Resolution
==========

All Grip users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-sound/grip-3.3.0"

References
==========

  [ 1 ] CAN-2005-0706
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
  [ 2 ] Original Bug Report
        http://sourceforge.net/tracker/?group_id=3714&atid=103714&func=detail&aid=834724

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200503-21.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
    

- 漏洞信息

14643
grip CDDB Multiple Matches Overflow
Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-11-02 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Grip CDDB Response Multiple Matches Buffer Overflow Vulnerability
Boundary Condition Error 12770
Yes No
2005-03-10 12:00:00 2009-12-09 04:44:00
Discovery is credited to Joseph VanAndel.

- 受影响的程序版本

S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
S.u.S.E. Linux 7.3 sparc
S.u.S.E. Linux 7.3 ppc
S.u.S.E. Linux 7.3 i386
S.u.S.E. Linux 7.3
S.u.S.E. Linux 7.2 i386
S.u.S.E. Linux 7.2
S.u.S.E. Linux 7.1 x86
S.u.S.E. Linux 7.1 sparc
S.u.S.E. Linux 7.1 ppc
S.u.S.E. Linux 7.1 alpha
S.u.S.E. Linux 7.1
S.u.S.E. Linux 7.0 sparc
S.u.S.E. Linux 7.0 ppc
S.u.S.E. Linux 7.0 i386
S.u.S.E. Linux 7.0 alpha
S.u.S.E. Linux 7.0
S.u.S.E. Linux 6.4 ppc
S.u.S.E. Linux 6.4 i386
S.u.S.E. Linux 6.4 alpha
S.u.S.E. Linux 6.4
S.u.S.E. Linux 6.3 ppc
S.u.S.E. Linux 6.3 alpha
S.u.S.E. Linux 6.3
S.u.S.E. Linux 6.2
S.u.S.E. Linux 6.1 alpha
S.u.S.E. Linux 6.1
RedHat Linux Advanced Workstation 2.1 for the Ita 2.1 IA64
RedHat Linux Advanced Work Station 2.1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Fedora Core1
Red Hat Fedora 9
Red Hat Fedora 8
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Peachtree Linux release 1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
libcdaudio CD Control Library 0.99.12
+ cdcd Command Line CD Player 0.6.6
+ cdcd Command Line CD Player 0.6.5
+ cdcd Command Line CD Player 0.6.4
+ cdcd Command Line CD Player 0.6.3
+ cdcd Command Line CD Player 0.6.2
+ cdcd Command Line CD Player 0.6.1
+ cdcd Command Line CD Player 0.5.6
+ cdcd Command Line CD Player 0.5.5
+ cdcd Command Line CD Player 0.5.4
+ cdcd Command Line CD Player 0.5.3
+ cdcd Command Line CD Player 0.5.2
+ cdcd Command Line CD Player 0.5.1
libcdaudio CD Control Library 0.99.11
libcdaudio CD Control Library 0.99.10
+ Gentoo Linux
libcdaudio CD Control Library 0.99.9
libcdaudio CD Control Library 0.99.8
libcdaudio CD Control Library 0.99.7
libcdaudio CD Control Library 0.99.6
libcdaudio CD Control Library 0.99.5
libcdaudio CD Control Library 0.99.4
Grip Grip 3.2 .0
+ Gentoo Linux
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Grip Grip 3.1.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
Grip Grip 3.1.2
Grip Grip 3.0.7
Grip Grip 3.0.4
Grip Grip 2.96
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 3
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 3
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
GNOME GnomeVFS 2.8.4
+ Gentoo Linux
GNOME GnomeVFS 2.8.3
GNOME GnomeVFS 2.8.2
GNOME GnomeVFS 2.8.1
GNOME GnomeVFS 2.8
GNOME GnomeVFS 2.7.5
GNOME GnomeVFS 2.7.4
GNOME GnomeVFS 2.7.3
GNOME GnomeVFS 2.7.2
GNOME GnomeVFS 2.7.1
GNOME GnomeVFS 2.7
GNOME GnomeVFS 2.6.2
GNOME GnomeVFS 2.4.2
GNOME GnomeVFS 2.2.5
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
GNOME GnomeVFS 2.1.3
Gentoo Linux
Conectiva Linux 10.0
Avaya Proactive Contact 4.0
Avaya Proactive Contact 3.0
Avaya Proactive Contact 0
Avaya Messaging Storage Server MSS 3.0
Avaya Messaging Storage Server MM3.0
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 2.0
Avaya Messaging Storage Server 1.0
Avaya Messaging Storage Server
Avaya Message Networking MN 3.1
Avaya Message Networking 3.1
Avaya Message Networking
Avaya Intuity AUDIX LX 2.0
Avaya Intuity AUDIX LX 1.0

- 漏洞讨论

A buffer-overflow issue in Grip occurs when the software processes a response to a CDDB query that has more than 16 matches.

To exploit this issue, an attacker must be able to influence the response to a CDDB query, either by controlling a malicious CDDB server or through some other means. Successful exploits will allow arbitrary code to run.

Grip 3.1.2 and 3.2.0 are affected; other versions may also be affected.

- 漏洞利用

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Fixes are available. Please see the references for details.


Mandriva Linux Mandrake 2008.0 x86_64

Mandriva Linux Mandrake 2008.0

Mandriva Linux Mandrake 2009.0 x86_64

Mandriva Linux Mandrake 2008.1 x86_64

Mandriva Linux Mandrake 2008.1

libcdaudio CD Control Library 0.99.10

libcdaudio CD Control Library 0.99.9

Conectiva Linux 10.0

GNOME GnomeVFS 2.8.4

Grip Grip 2.96

MandrakeSoft Corporate Server 3.0

MandrakeSoft Corporate Server 3.0 x86_64

Grip Grip 3.1.4

Grip Grip 3.2 .0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站