CVE-2005-3182
CVSS7.5
发布时间 :2005-10-20 06:02:00
修订时间 :2016-10-17 23:33:19
NMCO    

[原文]Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.


[CNNVD]GFI MailSecurity for Exchange/SMTP Web界面远程溢出漏洞(CNNVD-200510-152)

        GFI MailSecurity for Exchange/SMTP是一种进行电子邮件内容检查、开发探测、危机分析以及反病毒的解决方案。
        GFI MailSecurity for Exchange/SMTP中存在远程缓冲区溢出漏洞。当Web管理界面处理畸形的HTTP请求时,远程攻击者就可以利用这个漏洞在目标系统上执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3182
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3182
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200510-152
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0290.html
(UNKNOWN)  FULLDISC  20051012 [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow
http://kbase.gfi.com/showarticle.asp?id=KBID002451
(PATCH)  CONFIRM  http://kbase.gfi.com/showarticle.asp?id=KBID002451
http://marc.info/?l=bugtraq&m=112914475508191&w=2
(UNKNOWN)  BUGTRAQ  20051012 [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow
http://securityreason.com/securityalert/74
(UNKNOWN)  SREASON  74
http://securitytracker.com/id?1015046
(UNKNOWN)  SECTRACK  1015046
http://www.securityfocus.com/bid/15081
(PATCH)  BID  15081

- 漏洞信息

GFI MailSecurity for Exchange/SMTP Web界面远程溢出漏洞
高危 缓冲区溢出
2005-10-20 00:00:00 2005-10-20 00:00:00
远程  
        GFI MailSecurity for Exchange/SMTP是一种进行电子邮件内容检查、开发探测、危机分析以及反病毒的解决方案。
        GFI MailSecurity for Exchange/SMTP中存在远程缓冲区溢出漏洞。当Web管理界面处理畸形的HTTP请求时,远程攻击者就可以利用这个漏洞在目标系统上执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        ftp://ftp.gfi.com/patches/MSEC8_PATCH_20050919_01.zip

- 漏洞信息

19926
GFI MailSecurity HTTP Management Interface Request Header Overflow
Remote / Network Access Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown Vendor Verified

- 漏洞描述

A remote overflow exists in GFI MailSecurity. The product fails to validate the length of the 'Host' or 'Accept' header resulting in a buffer overflow. With a specially crafted request, an attacker can cause a Denial of Service or possibly system compromise resulting in a loss of integrity and/or availability.

- 时间线

2005-10-12 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, GFI has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站