CVE-2005-2070
CVSS5.0
发布时间 :2005-06-29 00:00:00
修订时间 :2008-09-05 16:50:48
NMCOS    

[原文]The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading.


[CNNVD]Sendmail 远程拒绝服务漏洞(CNNVD-200506-230)

        Sendmail是很多大型站点都在使用的邮件传输代理(MTA)。
        Sendmail的邮件过滤器(milter)接口存在远程拒绝服务漏洞,根据milter接口的不同配置,攻击者可能利用这个漏洞在受影响站点上绕过milter或拒绝之后进行邮件传输。
        起因是milter所配置的超长的默认超时。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:sendmail:sendmail:8.11.6Sendmail Sendmail 8.11.6
cpe:/a:sendmail:sendmail:8.11.1Sendmail Sendmail 8.11.1
cpe:/a:sendmail:sendmail:8.12:beta12Sendmail Sendmail 8.12 Beta12
cpe:/a:sendmail:sendmail:8.12:beta16Sendmail Sendmail 8.12 Beta16
cpe:/a:sendmail:sendmail:8.12.5Sendmail Sendmail 8.12.5
cpe:/a:sendmail:sendmail:8.9.3Sendmail Sendmail 8.9.3
cpe:/a:sendmail:sendmail:8.12:beta5Sendmail Sendmail 8.12 Beta5
cpe:/a:sendmail:sendmail:8.12.1Sendmail Sendmail 8.12.1
cpe:/a:sendmail:sendmail:8.12.11Sendmail Sendmail 8.12.11
cpe:/a:sendmail:sendmail:8.11.7Sendmail Sendmail 8.11.7
cpe:/a:sendmail:sendmail:8.12.6Sendmail Sendmail 8.12.6
cpe:/a:sendmail:sendmail:8.9.1Sendmail Sendmail 8.9.1
cpe:/a:sendmail:sendmail:8.8.8Sendmail Sendmail 8.8.8
cpe:/a:sendmail:sendmail:8.12:beta10Sendmail Sendmail 8.12 Beta10
cpe:/a:sendmail:sendmail:8.12.9Sendmail Sendmail 8.12.9
cpe:/a:sendmail:sendmail:8.12.2Sendmail Sendmail 8.12.2
cpe:/a:sendmail:sendmail:8.9.0Sendmail Sendmail 8.9.0
cpe:/a:sendmail:sendmail:8.11.5Sendmail Sendmail 8.11.5
cpe:/a:sendmail:sendmail:8.11.0Sendmail Sendmail 8.11
cpe:/a:sendmail:sendmail:8.10Sendmail Sendmail 8.10
cpe:/a:sendmail:sendmail:8.11.4Sendmail Sendmail 8.11.4
cpe:/a:sendmail:sendmail:8.12.10Sendmail Sendmail 8.12.10
cpe:/a:sendmail:sendmail:8.11.2Sendmail Sendmail 8.11.2
cpe:/a:sendmail:sendmail:8.12.7Sendmail Sendmail 8.12.7
cpe:/a:sendmail:sendmail:8.9.2Sendmail Sendmail 8.9.2
cpe:/a:sendmail:sendmail:8.10.1Sendmail Sendmail 8.10.1
cpe:/a:sendmail:sendmail:8.11.3Sendmail Sendmail 8.11.3
cpe:/a:sendmail:sendmail:8.12:beta7Sendmail Sendmail 8.12 beta7
cpe:/a:sendmail:sendmail:8.12.0Sendmail Sendmail 8.12.0
cpe:/a:sendmail:sendmail:8.12.3Sendmail Sendmail 8.12.3
cpe:/a:sendmail:sendmail:8.12.4Sendmail Sendmail 8.12.4
cpe:/a:sendmail:sendmail:8.12.8Sendmail Sendmail 8.12.8
cpe:/a:sendmail:sendmail:8.10.2Sendmail Sendmail 8.10.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2070
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2070
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200506-230
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/14047
(UNKNOWN)  BID  14047
http://seclists.org/lists/bugtraq/2005/Jun/0197.html
(VENDOR_ADVISORY)  BUGTRAQ  20050623 long sendmail timeouts let attacker prevent milter quiesce
http://www.novell.com/linux/security/advisories/2005_38_clamav.html
(UNKNOWN)  SUSE  SUSE-SA:2005:038
http://www.debian.org/security/2005/dsa-737
(UNKNOWN)  DEBIAN  DSA-737

- 漏洞信息

Sendmail 远程拒绝服务漏洞
中危 配置错误
2005-06-29 00:00:00 2005-10-20 00:00:00
远程  
        Sendmail是很多大型站点都在使用的邮件传输代理(MTA)。
        Sendmail的邮件过滤器(milter)接口存在远程拒绝服务漏洞,根据milter接口的不同配置,攻击者可能利用这个漏洞在受影响站点上绕过milter或拒绝之后进行邮件传输。
        起因是milter所配置的超长的默认超时。
        

- 公告与补丁

        目前厂商还没有提供补丁或者升级程序,建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        http://www.sendmail.org/

- 漏洞信息

17562
ClamAV clamav-milter Remote Connection Hold DoS
Remote / Network Access Denial of Service
Loss of Availability Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2005-06-23 2005-05-25
Unknow Unknow

- 解决方案

Upgrade to version 0.68.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Sendmail Milter Remote Denial Of Service Weakness
Configuration Error 14047
Yes No
2005-06-23 12:00:00 2009-07-12 04:06:00
Damian Menscher <menscher@uiuc.edu> reported this vulnerability.

- 受影响的程序版本

Sendmail Consortium Sendmail 8.12.11
Sendmail Consortium Sendmail 8.12.10
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux 8.1
+ Slackware Linux -current
+ Slackware Linux -current
+ Sun Solaris 9_x86
+ Sun Solaris 9
+ Sun Solaris 8_x86
+ Sun Solaris 8_sparc
+ Sun Solaris 7.0_x86
+ Sun Solaris 7.0
Sendmail Consortium Sendmail 8.12.9
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.8
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0 i386
+ Yellow Dog Linux 3.0
Sendmail Consortium Sendmail 8.12.7
+ OpenPKG OpenPKG 1.2
+ Slackware Linux 8.1
+ SOTLinux SOTLinux 2003 Desktop
+ SOTLinux SOTLinux 2003 Server
Sendmail Consortium Sendmail 8.12.6
+ Apple Mac OS X 10.2.4
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.7
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ OpenBSD OpenBSD 3.2
+ S.u.S.E. Linux 8.1
Sendmail Consortium Sendmail 8.12.5
+ Conectiva Linux 9.0
+ OpenBSD OpenBSD 3.2
Sendmail Consortium Sendmail 8.12.4
+ OpenBSD OpenBSD 3.2
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.3
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ FreeBSD FreeBSD 4.6
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Sendmail Consortium Sendmail 8.12.2
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ OpenBSD OpenBSD 3.1
Sendmail Consortium Sendmail 8.12.1
+ HP MPE/iX 7.5
+ HP MPE/iX 7.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Sendmail Consortium Sendmail 8.12 beta7
Sendmail Consortium Sendmail 8.12 beta5
Sendmail Consortium Sendmail 8.12 beta16
Sendmail Consortium Sendmail 8.12 beta12
Sendmail Consortium Sendmail 8.12 beta10
Sendmail Consortium Sendmail 8.12 .0
Sendmail Consortium Sendmail 8.11.7
Sendmail Consortium Sendmail 8.11.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ FreeBSD FreeBSD 4.5 -RELEASE
+ FreeBSD FreeBSD 4.5
+ FreeBSD FreeBSD 4.4
+ Immunix Immunix OS 7.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 6.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Sun Cobalt RaQ 550
+ Sun Linux 5.0.3
+ Sun Linux 5.0
Sendmail Consortium Sendmail 8.11.5
Sendmail Consortium Sendmail 8.11.4
+ Conectiva Linux 7.0
- Slackware Linux 8.0
Sendmail Consortium Sendmail 8.11.3
- MandrakeSoft Corporate Server 1.0.1
- Mandriva Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
- Slackware Linux 7.1
Sendmail Consortium Sendmail 8.11.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
Sendmail Consortium Sendmail 8.11.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 6.0
Sendmail Consortium Sendmail 8.11
+ Compaq Tru64 5.1 b
+ Compaq Tru64 5.1 a
+ Compaq Tru64 5.1
+ IBM AIX 5.2
+ IBM AIX 5.1
- Mandriva Linux Mandrake 7.2
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 7.0
+ SCO Open Server 5.0.6 a
+ SCO Open Server 5.0.6
+ SCO Open Server 5.0.5
+ SCO Open Server 5.0.4
Sendmail Consortium Sendmail 8.10.2
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt RaQ 4
+ Sun Cobalt RaQ XTR
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ4 3001R
Sendmail Consortium Sendmail 8.10.1
Sendmail Consortium Sendmail 8.10
Sendmail Consortium Sendmail 8.9.3
+ Compaq Tru64 5.1 PK5 (BL19)
+ Compaq Tru64 5.0 a PK3 (BL17)
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ IBM AIX 4.3.3
+ SGI IRIX 6.5.19
+ SGI IRIX 6.5.18 m
+ SGI IRIX 6.5.18 f
+ SGI IRIX 6.5.17 m
+ SGI IRIX 6.5.17 f
+ SGI IRIX 6.5.16 m
+ SGI IRIX 6.5.16 f
+ SGI IRIX 6.5.15 m
+ SGI IRIX 6.5.15 f
+ SGI IRIX 6.5.14 m
+ SGI IRIX 6.5.14 f
+ SGI IRIX 6.5.13 m
+ SGI IRIX 6.5.13 f
+ SGI IRIX 6.5.12 m
+ SGI IRIX 6.5.12 f
+ SGI IRIX 6.5.11 m
+ SGI IRIX 6.5.11 f
+ SGI IRIX 6.5.10 m
+ SGI IRIX 6.5.10 f
+ SGI IRIX 6.5.9 m
+ SGI IRIX 6.5.9 f
+ SGI IRIX 6.5.8 m
+ SGI IRIX 6.5.8 f
+ SGI IRIX 6.5.7 m
+ SGI IRIX 6.5.7 f
Sendmail Consortium Sendmail 8.9.2
Sendmail Consortium Sendmail 8.9.1
Sendmail Consortium Sendmail 8.9 .0
Sendmail Consortium Sendmail 8.8.8
+ Compaq Tru64 4.0 g PK3 (BL17)
+ Compaq Tru64 4.0 f PK7 (BL18)
+ SGI IRIX 6.5.6
+ SGI IRIX 6.5.5
+ SGI IRIX 6.5.4
+ SGI IRIX 6.5.3
+ SGI IRIX 6.5.2
+ SGI IRIX 6.5.1
+ SGI IRIX 6.5
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Conectiva Linux 10.0
Conectiva Linux 9.0

- 漏洞讨论

Sendmail is susceptible to a remote denial of service weakness in its milter interface. This issue is due to overly long default timeouts configured for milters.

This issue is demonstrated with ClamAV versions prior to 0.86. Any other milter that utilizes similar operating methods as the older ClamAV milter will also expose this vulnerability in Sendmail.

Depending on the configuration of the milter interface, attackers may either exploit this issue to bypass milters, or to deny further email delivery on affected sites.

- 漏洞利用

An exploit is not required.

- 解决方案

SuSE has released an advisory (SUSE-SA:2005:038) and fixes to address this issue. Please see the referenced advisory for further information.

Debian has released advisory DSA 737-1 to address various issues affecting clamav. Please see the referenced advisory for more information.

Conectiva Linux has released security announcement CLSA-2005:973 addressing this issue. Please see the referenced advisory for details on obtaining abd applying the appropriate updates.

Debian has released security advisory DSA 773-1 addressing several issues for their AMD64 port of the operating system. Please see the referenced advisory for further information.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站