CVE-2005-3183
CVSS4.3
发布时间 :2005-10-12 18:02:00
修订时间 :2010-08-21 00:33:17
NMCOPS    

[原文]The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.


[CNNVD]W3C Libwww MIME信息 拒绝服务漏洞(CNNVD-200510-062)

        Libwww 是一个高度模组化用户端的网页存取API ,用C语言写成,可在 Unix 和 Windows 上运行。
        W3C libwww (w3c-libwww)的HTBound.c中的HTBoundary_put_block 函数可以使远程服务器借助一个可触发越界读取的特制multipart/byteranges MIME信息,引起拒绝服务(分段故障)。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-20 [输入验证不恰当]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9653The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation ...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3183
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3183
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200510-062
(官方数据源) CNNVD

- 其它链接及资源

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159597
(VENDOR_ADVISORY)  CONFIRM  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159597
http://www.ubuntulinux.org/support/documentation/usn/usn-220-1
(UNKNOWN)  UBUNTU  USN-220-1
http://www.securityfocus.com/bid/15035
(UNKNOWN)  BID  15035
http://www.securityfocus.com/advisories/9445
(UNKNOWN)  FEDORA  FEDORA-2005-952
http://www.securityfocus.com/advisories/9444
(UNKNOWN)  FEDORA  FEDORA-2005-953
http://www.redhat.com/support/errata/RHSA-2007-0208.html
(UNKNOWN)  REDHAT  RHSA-2007:0208
http://secunia.com/advisories/25098
(UNKNOWN)  SECUNIA  25098
http://secunia.com/advisories/19193
(UNKNOWN)  SECUNIA  19193
http://secunia.com/advisories/17814
(UNKNOWN)  SECUNIA  17814
http://secunia.com/advisories/17489
(UNKNOWN)  SECUNIA  17489
http://secunia.com/advisories/17122
(UNKNOWN)  SECUNIA  17122
http://secunia.com/advisories/17119
(UNKNOWN)  SECUNIA  17119
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
(UNKNOWN)  SCO  SCOSA-2006.10
http://www.mandriva.com/security/advisories?name=MDKSA-2005:210
(UNKNOWN)  MANDRIVA  MDKSA-2005:210

- 漏洞信息

W3C Libwww MIME信息 拒绝服务漏洞
中危 输入验证
2005-10-12 00:00:00 2007-10-03 00:00:00
远程  
        Libwww 是一个高度模组化用户端的网页存取API ,用C语言写成,可在 Unix 和 Windows 上运行。
        W3C libwww (w3c-libwww)的HTBound.c中的HTBoundary_put_block 函数可以使远程服务器借助一个可触发越界读取的特制multipart/byteranges MIME信息,引起拒绝服务(分段故障)。

- 公告与补丁

        暂无数据

- 漏洞信息 (F41443)

Mandriva Linux Security Advisory 2005.210 (PacketStormID:F41443)
2005-11-10 00:00:00
Mandriva  mandriva.com
advisory,remote,denial of service
linux,mandriva
CVE-2005-3183
[点击下载]

Mandriva Linux Security Advisory - Sam Varshavchik discovered the HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:210
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : w3c-libwww
 Date    : November 9, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Sam Varshavchik discovered the  HTBoundary_put_block function 
 in HTBound.c for W3C libwww (w3c-libwww) allows remote servers 
 to cause a denial of service (segmentation fault) via a crafted 
 multipart/byteranges MIME message that triggers an out-of-bounds
 read.
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.1:
 0028a9950c115d5d12bfbee15c9a1faf  10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.i586.rpm
 4a3be6811dd6d050d0d71b19529a3981  10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.i586.rpm
 fce977cbc39a6bb745fe2be4735894d6  10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.i586.rpm
 970c882bb1726148859331e261b7decc  10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

 Mandriva Linux 10.1/X86_64:
 230dab77e0420b4b5e71621f7aa4bb03  x86_64/10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.x86_64.rpm
 79a88076028dc9f67143b18f469bcfe7  x86_64/10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.x86_64.rpm
 9a593f8e9c24188e67d99d0f0cfefccd  x86_64/10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.x86_64.rpm
 970c882bb1726148859331e261b7decc  x86_64/10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

 Mandriva Linux 10.2:
 dedea2c8f6044a7e8e926dec7aacb7b6  10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.i586.rpm
 a23c0a0492d5e3283f2ba1f5011ac6e0  10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.i586.rpm
 58a644897fa5b4bd4758f1fd796b333f  10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.i586.rpm
 6325ed733dd1288eed4b7cadd761efb4  10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 a9eb35e0a8911a6d0f4ca62835ccf11b  x86_64/10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.x86_64.rpm
 2bf2c665aa0457e3fd4477bf3bc420ed  x86_64/10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.x86_64.rpm
 a32352084a5e6b4e596149e9f70b2e0e  x86_64/10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.x86_64.rpm
 6325ed733dd1288eed4b7cadd761efb4  x86_64/10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

 Mandriva Linux 2006.0:
 90a6b76b0348b44b0e27bea010b4eb49  2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.i586.rpm
 c3110ef8841c42bca06d7bec5a735dfc  2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.i586.rpm
 3ce9cb49c20992d28dbcef5279320a2e  2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.i586.rpm
 aa2513983ebff77a377f050a03f0f709  2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 211a4e31b787234053b57a98649ba4dd  x86_64/2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.x86_64.rpm
 3202bdeae1f581a5bd96ac36c3fc9343  x86_64/2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.x86_64.rpm
 3b38bfd1666b8a7f2ee06279b8bc9c02  x86_64/2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.x86_64.rpm
 aa2513983ebff77a377f050a03f0f709  x86_64/2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

 Corporate Server 2.1:
 7a89ba5572926683e96c33e77f3ac90c  corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.i586.rpm
 d6bae42a8ce8464b5939768a8db0984b  corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.i586.rpm
 94fc975b58d69415229a07c72208d68b  corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.i586.rpm
 658ef36b9237c32c8b8b2242d784b649  corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 79b5a6c4cb509f8006d3ec99632f2ad6  x86_64/corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.x86_64.rpm
 b094ee750ad39cbb3ca4a3cbd8691e4b  x86_64/corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.x86_64.rpm
 703d42ad6034c04f67965ce7c7d85c68  x86_64/corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.x86_64.rpm
 658ef36b9237c32c8b8b2242d784b649  x86_64/corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

 Corporate 3.0:
 694c85995c941cdba2192fe97e5ec059  corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.i586.rpm
 19f8b7186d1a89b35e09e361ef886b71  corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.i586.rpm
 2bc46f631fbaa3c76c34d68379a98a1d  corporate/3.0/RPMS/w3c-libwww-devel-5.4.0-2.1.C30mdk.i586.rpm
 fbcc5c240ba9a1393630d104348b8f0d  corporate/3.0/SRPMS/w3c-libwww-5.4.0-2.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 4338a82df1ad722c4db049093c2ce40e  x86_64/corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.x86_64.rpm
 1b0b167065556a599eb495a7bded51d1  x86_64/corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.x86_64.rpm
 979feebbff0b283e480d223332369cbd  x86_64/corporate/3.0/RPMS/w3c-libwww-devel-5.4.0-2.1.C30mdk.x86_64.rpm
 fbcc5c240ba9a1393630d104348b8f0d  x86_64/corporate/3.0/SRPMS/w3c-libwww-5.4.0-2.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDcnlMmqjQ0CJFipgRAjGwAJ40Z6rAFU0GwRsqzj7lgZX6B531gwCeItNf
f2A0d4XLb7CxvwcEU2x/BVs=
=81Jq
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息

19952
W3C Libwww Multipart MIME Data Handling DoS
Remote / Network Access Denial of Service
Loss of Availability Third-Party Solution
Exploit Unknown Third-party Verified

- 漏洞描述

Libwww contains a flaw in the handling of multipart MIME data that may allow a remote denial of service. The issue is due to an error in the 'HTBoundary_put_block()' function. With a specially crafted request containing malformed multipart MIME data, a remote attacker can cause the program that uses that library to crash.

- 时间线

2005-10-07 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or vendor upgrades to correct this issue. However, Sam Varshavchik has released an unofficial patch and multiple Linux distributions have released an upgrade to address this vulnerability. Check the related advisories, changelogs, or solutions in the references section for details. As with all third-party solutions, ensure they come from a reliable source and are permitted under your company's security policy.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

W3C Libwww Multiple Vulnerabilities
Unknown 15035
Yes No
2005-10-07 12:00:00 2007-05-01 10:49:00
These issues were disclosed in Fedora advisories.

- 受影响的程序版本

W3C Libwww 5.4
+ Red Hat Fedora Core4
+ Red Hat Fedora Core3
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
SCO Open Server 6.0
SCO Open Server 5.0.7
SCO Open Server 5.0.6 a
SCO Open Server 5.0.6
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Enterprise Linux AS 4
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Conectiva Linux 10.0

- 漏洞讨论

W3C Libwww is prone to multiple vulnerabilities.

These issues include a buffer-overflow vulnerability and some issues related to the handling of multipart/byteranges content.

Libwww 5.4.0 is reported to be vulnerable. Other versions may be affected as well. These issues may also be exploited through other applications that implement the library.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

Please see the referenced vendor advisories for more information.


SCO Open Server 5.0.6

SCO Open Server 5.0.7

W3C Libwww 5.4

SCO Open Server 6.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站