CVE-2005-1463 |
Published: 2005-05-05 00:00:00 | ||
Last revised: 2017-10-10 21:30:08 | ||||
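[Original] Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
[CNNVD] Ethereal multiple protocol dissector module vulnerabilities (CNNVD-200505-913)
Ethereal is a very popular network protocol analysis tool.
The Ethereal vendor has reported multiple vulnerabilities in various protocol dissector modules, including:
- Buffer overflow vulnerabilities
- Format string vulnerabilities
- Null pointer dereference denial-of-service vulnerabilities
- Segmentation fault denial-of-service vulnerabilities
- Infinite loop vulnerabilities
- Memory exhaustion denial-of-service vulnerabilities
- Double free vulnerabilities
- Unspecified denial-of-service vulnerabilities
These vulnerabilities may allow remote attackers to execute arbitrary code or crash the affected application.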
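- CVSS (base score)
CVSS score: | 7.5 | [Severe (HIGH)] |
Confidentiality impact: | [--] | |
Integrity impact: | [--] | |
Availability impact: | [--] | |
Attack complexity: | [--] | |
Attack vector: | [--] | |
Authentication: | [--] |
- CPE (affected platforms and products)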
cpe:/a:ethereal_group:ethereal:0.8 | |
cpe:/a:ethereal_group:ethereal:0.8.13 | |
cpe:/a:ethereal_group:ethereal:0.8.14 | |
cpe:/a:ethereal_group:ethereal:0.8.15 | |
cpe:/a:ethereal_group:ethereal:0.8.18 | |
cpe:/a:ethereal_group:ethereal:0.8.19 | |
cpe:/a:ethereal_group:ethereal:0.9 | |
cpe:/a:ethereal_group:ethereal:0.9.1 | |
cpe:/a:ethereal_group:ethereal:0.9.2 | |
cpe:/a:ethereal_group:ethereal:0.9.3 | |
cpe:/a:ethereal_group:ethereal:0.9.4 | |
cpe:/a:ethereal_group:ethereal:0.9.5 | |
cpe:/a:ethereal_group:ethereal:0.9.6 | |
cpe:/a:ethereal_group:ethereal:0.9.7 | |
cpe:/a:ethereal_group:ethereal:0.9.8 | |
cpe:/a:ethereal_group:ethereal:0.9.9 | |
cpe:/a:ethereal_group:ethereal:0.9.10 | |
cpe:/a:ethereal_group:ethereal:0.9.11 | |
cpe:/a:ethereal_group:ethereal:0.9.12 | |
cpe:/a:ethereal_group:ethereal:0.9.13 | |
cpe:/a:ethereal_group:ethereal:0.9.14 | |
cpe:/a:ethereal_group:ethereal:0.9.15 | |
cpe:/a:ethereal_group:ethereal:0.9.16 | |
cpe:/a:ethereal_group:ethereal:0.10 | |
cpe:/a:ethereal_group:ethereal:0.10.1 | |
cpe:/a:ethereal_group:ethereal:0.10.2 | |
cpe:/a:ethereal_group:ethereal:0.10.3 | |
cpe:/a:ethereal_group:ethereal:0.10.4 | |
cpe:/a:ethereal_group:ethereal:0.10.5 | |
cpe:/a:ethereal_group:ethereal:0.10.6 | |
cpe:/a:ethereal_group:ethereal:0.10.7 | |
cpe:/a:ethereal_group:ethereal:0.10.8 | |
cpe:/a:ethereal_group:ethereal:0.10.9 | |
cpe:/a:ethereal_group:ethereal:0.10.10 |
- OVAL (technical details for detection)
oval:org.mitre.oval:def:10713 | Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to ex... |
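*OVAL describes in detail how to detect this vulnerability; more technical details on detecting it are available in the relevant OVAL definition. |
- Official database links
- Other links and resources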
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963 (UNKNOWN) CONECTIVA CLSA-2005:963 |
http://www.ethereal.com/appnotes/enpa-sa-00019.html (VENDOR_ADVISORY) CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00019.html |
http://www.ethereal.com/news/item_20050504_01.html (VENDOR_ADVISORY) CONFIRM http://www.ethereal.com/news/item_20050504_01.html |
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html (UNKNOWN) FEDORA FLSA-2006:152922 |
http://www.redhat.com/support/errata/RHSA-2005-427.html (UNKNOWN) REDHAT RHSA-2005:427 |
http://www.securityfocus.com/bid/13504 (UNKNOWN) BID 13504 |
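- Vulnerability information
Ethereal multiple protocol dissector module vulnerabilities | |
High risk | Format string |
2005-05-05 00:00:00 | 2005-10-20 00:00:00 |
Remote | |
Ethereal is a very popular network protocol analysis tool.
The Ethereal vendor has reported multiple vulnerabilities in various protocol dissector modules, including:
- Buffer overflow vulnerabilities
- Format string vulnerabilities
- Null pointer dereference denial-of-service vulnerabilities
- Segmentation fault denial-of-service vulnerabilities
- Infinite loop vulnerabilities
- Memory exhaustion denial-of-service vulnerabilities
- Double free vulnerabilities
- Unspecified denial-of-service vulnerabilities
These vulnerabilities may allow remote attackers to execute arbitrary code or crash the affected application. |
- Advisories and patches
The vendor has released an upgrade that fixes this security issue; download it from the vendor's home page:
http://www.ethereal.com/distribution/ethereal-0.10.11.tar.gz
http://security.gentoo.org/glsa/glsa-200505-03.xml |
- Vulnerability information (F38410)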
Gentoo Linux Security Advisory 200505-3 (PacketStormID:F38410) |
2005-07-02 00:00:00 |
Gentoo security.gentoo.org |
advisory,arbitrary,vulnerability |
linux,gentoo |
CVE-2005-1456,CVE-2005-1457,CVE-2005-1458,CVE-2005-1459,CVE-2005-1460,CVE-2005-1461,CVE-2005-1462,CVE-2005-1463,CVE-2005-1464,CVE-2005-1465,CVE-2005-1466,CVE-2005-1467,CVE-2005-1468,CVE-2005-1469,CVE-2005-1470 |
Gentoo Linux Security Advisory GLSA 200505-03 - Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.11 are affected. |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                          GLSA 200505-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Ethereal: Numerous vulnerabilities
      Date: May 06, 2005
      Bugs: #90539
        ID: 200505-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination.

Background
==========

Ethereal is a feature rich network protocol analyzer.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/ethereal     < 0.10.11                    >= 0.10.11

Description
===========

There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including:

* The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities.
* The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explicit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows.
* The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors.
* The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems.
* The Telnet and DHCP dissectors could abort.
* The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault.
* The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions.
* The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors.
* The GSM MAP, AIM, Fibre Channel, SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormally.

Impact
======

An attacker might be able to use these vulnerabilities to crash Ethereal and execute arbitrary code with the permissions of the user running Ethereal, which could be the root user.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Ethereal users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/ethereal-0.10.11"

References
==========

  [ 1 ] Ethereal enpa-sa-00019
        http://www.ethereal.com/appnotes/enpa-sa-00019.html
  [ 2 ] CAN-2005-1456
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1456
  [ 3 ] CAN-2005-1457
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1457
  [ 4 ] CAN-2005-1458
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1458
  [ 5 ] CAN-2005-1459
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1459
  [ 6 ] CAN-2005-1460
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1460
  [ 7 ] CAN-2005-1461
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1461
  [ 8 ] CAN-2005-1462
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1462
  [ 9 ] CAN-2005-1463
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1463
  [ 10 ] CAN-2005-1464
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1464
  [ 11 ] CAN-2005-1465
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1465
  [ 12 ] CAN-2005-1466
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1466
  [ 13 ] CAN-2005-1467
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1467
  [ 14 ] CAN-2005-1468
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1468
  [ 15 ] CAN-2005-1469
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1469
  [ 16 ] CAN-2005-1470
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1470

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200505-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
- Vulnerability information
16094 | |
Ethereal ANSI A Dissector Remote Format String | |
Remote / Network Access, Local / Remote, Context Dependent | Input Manipulation |
Loss of Integrity | |
Exploit Unknown |
- Vulnerability description
A remote format string handling flaw exists in Ethereal. The ANSI A dissector fails to validate user-supplied input. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
- Timeline
2005-05-04 | Unknown |
Unknown | Unknown |
- Solution
Upgrade to version 0.10.11 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
- Related references