CVE-2005-3425
CVSS4.3
发布时间 :2005-11-01 17:02:00
修订时间 :2008-09-05 16:54:21
NMCOPS    

[原文]Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.


[CNNVD]GNU gnump3d未明的跨站脚本攻击漏洞(CNNVD-200511-031)

        GNUMP3d 是一款小巧易用的流媒体服务器。
        GNUMP3D 2.9.6之前版本中的跨站脚本攻击(XSS)漏洞可让远程攻击者通过未指定的矢量注入任意Web脚本或HTML。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:gnu:gnump3d:2.9.3GNU GNUMP3D 2.9.3
cpe:/a:gnu:gnump3d:2.9.2GNU GNUMP3D 2.9.2
cpe:/a:gnu:gnump3d:2.5GNU GNUMP3D 2.5
cpe:/a:gnu:gnump3d:2.6GNU GNUMP3D 2.6
cpe:/a:gnu:gnump3d:2.9GNU GNUMP3D 2.9
cpe:/a:gnu:gnump3d:2.9.5GNU GNUMP3D 2.9.5
cpe:/a:gnu:gnump3d:2.1GNU GNUMP3D 2.1
cpe:/a:gnu:gnump3d:2.3GNU GNUMP3D 2.3
cpe:/a:gnu:gnump3d:2.5bGNU GNUMP3D 2.5b
cpe:/a:gnu:gnump3d:2.2GNU GNUMP3D 2.2
cpe:/a:gnu:gnump3d:2.8GNU GNUMP3D 2.8
cpe:/a:gnu:gnump3d:2.7GNU GNUMP3D 2.7
cpe:/a:gnu:gnump3d:2.9.1GNU GNUMP3D 2.9.1
cpe:/a:gnu:gnump3d:2.9.4GNU GNUMP3D 2.9.4
cpe:/a:gnu:gnump3d:2.4GNU GNUMP3D 2.4
cpe:/a:gnu:gnump3d:2.0GNU GNUMP3D 2.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3425
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3425
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200511-031
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2005/dsa-877
(VENDOR_ADVISORY)  DEBIAN  DSA-877
http://www.gnu.org/software/gnump3d/ChangeLog
(UNKNOWN)  CONFIRM  http://www.gnu.org/software/gnump3d/ChangeLog
http://securitytracker.com/id?1015118
(UNKNOWN)  SECTRACK  1015118
http://www.securityfocus.com/bid/15341
(UNKNOWN)  BID  15341
http://www.novell.com/linux/security/advisories/2005_28_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:028
http://secunia.com/advisories/17831
(UNKNOWN)  SECUNIA  17831
http://secunia.com/advisories/17449
(UNKNOWN)  SECUNIA  17449
http://secunia.com/advisories/17355
(UNKNOWN)  SECUNIA  17355
http://secunia.com/advisories/17351
(UNKNOWN)  SECUNIA  17351

- 漏洞信息

GNU gnump3d未明的跨站脚本攻击漏洞
中危 跨站脚本
2005-11-01 00:00:00 2005-11-15 00:00:00
远程  
        GNUMP3d 是一款小巧易用的流媒体服务器。
        GNUMP3D 2.9.6之前版本中的跨站脚本攻击(XSS)漏洞可让远程攻击者通过未指定的矢量注入任意Web脚本或HTML。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        GNU gnump3d 2.9
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download
        GNU gnump3d 2.9.1
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download
        GNU gnump3d 2.9.2
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download
        GNU gnump3d 2.9.3
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download
        GNU gnump3d 2.9.4
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download
        GNU gnump3d 2.9.5
        GNU gnump3d v2.9.6
        http://www.gnu.org/software/gnump3d/download.html#Download

- 漏洞信息 (F41359)

Gentoo Linux Security Advisory 200511-5 (PacketStormID:F41359)
2005-11-08 00:00:00
Gentoo  security.gentoo.org
advisory,xss
linux,gentoo
CVE-2005-3424,CVE-2005-3425,CVE-2005-3123
[点击下载]

Gentoo Linux Security Advisory GLSA 200511-05 - Steve Kemp reported about two cross-site scripting attacks that are related to the handling of files. Also reported is a directory traversal vulnerability which comes from the attempt to sanitize input paths. Versions less than 2.9.7 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200511-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: GNUMP3d: Directory traversal and XSS vulnerabilities
      Date: November 06, 2005
      Bugs: #109667
        ID: 200511-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

GNUMP3d is vulnerable to directory traversal and cross-site scripting
attacks that may result in information disclosure or the compromise of
a browser.

Background
==========

GNUMP3d is a streaming server for MP3s, OGG vorbis files, movies and
other media formats.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  media-sound/gnump3d       < 2.9.7                        >= 2.9.7

Description
===========

Steve Kemp reported about two cross-site scripting attacks that are
related to the handling of files (CVE-2005-3424, CVE-2005-3425). Also
reported is a directory traversal vulnerability which comes from the
attempt to sanitize input paths (CVE-2005-3123).

Impact
======

A remote attacker could exploit this to disclose sensitive information
or inject and execute malicious script code, potentially compromising
the victim's browser.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All GNUMP3d users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-sound/gnump3d-2.9.7"

References
==========

  [ 1 ] CVE-2005-3123
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3123
  [ 2 ] CVE-2005-3424
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3424
  [ 3 ] CVE-2005-3425
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3425

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200511-05.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
    

- 漏洞信息

20723
GNUMP3d Unspecified XSS
Remote / Network Access Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-10-28 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.9.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GNU gnump3d Unspecified Cross-Site Scripting Vulnerability
Input Validation Error 15341
Yes No
2005-11-07 12:00:00 2005-11-07 12:00:00
Discovery credited to Steve Kemp.

- 受影响的程序版本

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
GNU gnump3d 2.9.5
+ Gentoo Linux
GNU gnump3d 2.9.4
GNU gnump3d 2.9.3
GNU gnump3d 2.9.2
GNU gnump3d 2.9.1
GNU gnump3d 2.9
Gentoo Linux
GNU gnump3d 2.9.6

- 不受影响的程序版本

GNU gnump3d 2.9.6

- 漏洞讨论

GNU gnump3d is prone to an unspecified cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

This issue is similar to that discussed in BID 15226 (GNU gnump3d Error Page Cross-Site Scripting Vulnerability) but is a seperate issue.

- 漏洞利用

An exploit is not required.

- 解决方案

Gentoo has released advisory GLSA 200511-05 to address this issue. Gentoo updates may be applied by running the following commands as the superuser:

emerge --sync
emerge --ask --oneshot --verbose ">=media-sound/gnump3d-2.9.7"

SUSE has released advisory SUSE-SR:2005:027 to address this, and other issues in various packages, in various SUSE products. The advisory states that there are pending fixes for this issue in SUSE products. Please see the referenced advisory for further information.

SUSE advisory SUSE-SR:2005:028 is available to address various issues. Please see the referenced advisory for more information.

A fix is available:


GNU gnump3d 2.9

GNU gnump3d 2.9.1

GNU gnump3d 2.9.2

GNU gnump3d 2.9.3

GNU gnump3d 2.9.4

GNU gnump3d 2.9.5

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站