CVE-2005-3694
CVSS7.8
发布时间 :2005-11-20 15:03:00
修订时间 :2008-09-05 16:55:03
NMCOPS    

[原文]centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus.


[CNNVD]CenterICQ形态异常的数据包处理远程拒绝服务漏洞(CNNVD-200511-279)

        CenterICQ是一款即时通信软件。
        设置了"启用对等通讯"的centericq 4.20.0-r3,可让远程攻击者通过很短的零长度数据包,也可能是长度为1或2的数据包,使系统拒绝服务(分段错误和崩溃),如使用Nessus所示。

- CVSS (基础分值)

CVSS分值: 7.8 [严重(HIGH)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3694
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200511-279
(官方数据源) CNNVD

- 其它链接及资源

https://bugs.gentoo.org/show_bug.cgi?id=100519
(UNKNOWN)  CONFIRM  https://bugs.gentoo.org/show_bug.cgi?id=100519
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089
(VENDOR_ADVISORY)  CONFIRM  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334089
http://xforce.iss.net/xforce/xfdb/23327
(UNKNOWN)  XF  centericq-zero-length-dos(23327)
http://www.securityfocus.com/bid/15649
(UNKNOWN)  BID  15649
http://www.osvdb.org/21270
(UNKNOWN)  OSVDB  21270
http://www.debian.org/security/2005/dsa-912
(UNKNOWN)  DEBIAN  DSA-912
http://security.gentoo.org/glsa/glsa-200512-11.xml
(UNKNOWN)  GENTOO  GLSA-200512-11
http://secunia.com/advisories/18081
(UNKNOWN)  SECUNIA  18081
http://secunia.com/advisories/17818
(UNKNOWN)  SECUNIA  17818
http://secunia.com/advisories/17798
(UNKNOWN)  SECUNIA  17798

- 漏洞信息

CenterICQ形态异常的数据包处理远程拒绝服务漏洞
高危 其他
2005-11-20 00:00:00 2005-11-21 00:00:00
远程  
        CenterICQ是一款即时通信软件。
        设置了"启用对等通讯"的centericq 4.20.0-r3,可让远程攻击者通过很短的零长度数据包,也可能是长度为1或2的数据包,使系统拒绝服务(分段错误和崩溃),如使用Nessus所示。

- 公告与补丁

        暂无数据

- 漏洞信息 (F42018)

Debian Linux Security Advisory 912-1 (PacketStormID:F42018)
2005-12-02 00:00:00
Debian  security.debian.org
advisory,protocol
linux,debian
CVE-2005-3694
[点击下载]

Debian Security Advisory DSA 912-1 - Wernfried Haas discovered that centericq, a text-mode multi-protocol instant messenger client, can crash when it receives certain zero length packets and is directly connected to the Internet.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 912-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 30th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : centericq
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3694
Debian Bug     : 334089

Wernfried Haas discovered that centericq, a text-mode multi-protocol
instant messenger client, can crash when it receives certain zero
length packets and is directly connected to the Internet.

For the old stable distribution (woody) this problem has been fixed in
version 4.5.1-1.1woody1.

For the stable distribution (sarge) this problem has been fixed in
version 4.20.0-1sarge3.

For the unstable distribution (sid) this problem has been fixed in
version 4.21.0-4.

We recommend that you upgrade your centericq package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1.dsc
      Size/MD5 checksum:      603 adc70e793721c0968ca4502ae3698e37
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1.diff.gz
      Size/MD5 checksum:     3655 582ef0aecc37162611871ae159a5a2a1
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1.orig.tar.gz
      Size/MD5 checksum:   680625 e50121ea43a54140939b7bec8efdefe0

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_alpha.deb
      Size/MD5 checksum:   868548 43f1db770fa8fe7cf8d03e7bddbc97e7

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_arm.deb
      Size/MD5 checksum:   809002 7af9b13e885f9a3e4bc2324fc74318d3

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_i386.deb
      Size/MD5 checksum:   648688 3229599d676695a14160215f39bb473d

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_ia64.deb
      Size/MD5 checksum:   930848 6d54ca84f2861499702019cd50d9c351

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_hppa.deb
      Size/MD5 checksum:   821280 2ca221ccebbf2dae0ff30a198defd08b

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_m68k.deb
      Size/MD5 checksum:   611984 a1e44d2f4cd3c52700295a72dfce1868

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_mips.deb
      Size/MD5 checksum:   649002 edd2b6f73fec90e3e7142093bb3c6b3e

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_mipsel.deb
      Size/MD5 checksum:   634442 987c44dbb499ab61b7d2b254bc9ff984

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_powerpc.deb
      Size/MD5 checksum:   633166 41ab0b819882d62ec6467a4d7542ce1f

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_s390.deb
      Size/MD5 checksum:   534784 7fb270cf1f195514510aef8445b2ece6

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.5.1-1.1woody1_sparc.deb
      Size/MD5 checksum:   617274 d284648d4388edddf349130e9ed13332


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3.dsc
      Size/MD5 checksum:      875 5d132cb379014c621fc81232baf9ae4f
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3.diff.gz
      Size/MD5 checksum:   106011 259f44fb98da9322ff61a6ab36df6fbc
    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0.orig.tar.gz
      Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_alpha.deb
      Size/MD5 checksum:  1650464 6757ab69461655c915f01c2ffb03e7cd
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_alpha.deb
      Size/MD5 checksum:   335886 7dcf13f17f952cc36802f7732dcf67a5
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_alpha.deb
      Size/MD5 checksum:  1651492 f3412af4c8f8310d2e21fc4155582ca8
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_alpha.deb
      Size/MD5 checksum:  1650508 9436f313af694fbe9ec97da7a168b9c4

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_amd64.deb
      Size/MD5 checksum:  1355448 6e94f8aa9438a489bd94369a1655c475
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_amd64.deb
      Size/MD5 checksum:   335908 bd7fb5325d61c02add148be10d8c2f40
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_amd64.deb
      Size/MD5 checksum:  1355704 399b6045d35c21d7d767ccc6755662e1
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_amd64.deb
      Size/MD5 checksum:  1355498 9da6bce36bfd754e09ad91d65484ba39

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_arm.deb
      Size/MD5 checksum:  2185402 598cb4714af77dda74e956a7f13c0355
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_arm.deb
      Size/MD5 checksum:   336006 4f8fd48660de8d67581aeaaf7fc26dfa
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_arm.deb
      Size/MD5 checksum:  2186270 92a29d09e5630bf9e4029811b487aadf
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_arm.deb
      Size/MD5 checksum:  2185456 38e3f614efa5f448bdae8f2fd68eb929

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_i386.deb
      Size/MD5 checksum:  1348784 6d32e6d410250dbc7a220ad8d5a563a6
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_i386.deb
      Size/MD5 checksum:   336626 7628a48c891b62253369c5f6d0fd1272
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_i386.deb
      Size/MD5 checksum:  1349606 902e8f158e71b9a21de69d586941f090
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_i386.deb
      Size/MD5 checksum:  1348864 e38a08c798ad303c66c1ef313faee73f

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_ia64.deb
      Size/MD5 checksum:  1881326 29a00f7babe9fcbd3031d7b3d032bf53
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_ia64.deb
      Size/MD5 checksum:   335884 0d8612578ca347c502d04ea5cd1b4e4e
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_ia64.deb
      Size/MD5 checksum:  1882224 fc679fe6d852efb6e9e3d8d1888d525f
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_ia64.deb
      Size/MD5 checksum:  1881394 ffda1eed53efc1f8599fcb837cd66cc0

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_hppa.deb
      Size/MD5 checksum:  1812462 f253748c6a8bf09d31db8dd5f5554ad0
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_hppa.deb
      Size/MD5 checksum:   336634 1aa8cbb6f893217af25cc5af5e9bdc0c
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_hppa.deb
      Size/MD5 checksum:  1813518 3e6083c3e3438ebc40fd21ee414e2c3b
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_hppa.deb
      Size/MD5 checksum:  1812508 68a3677b2dac459f970834975f912b31

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_m68k.deb
      Size/MD5 checksum:  1399430 44c35ad2e854ab372a8a1491842e0956
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_m68k.deb
      Size/MD5 checksum:   336720 bd4440ba3d65a24caa97b0438aaaa5c0
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_m68k.deb
      Size/MD5 checksum:  1400044 7cda71a1524e83942e82c6de54dba1d3
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_m68k.deb
      Size/MD5 checksum:  1399462 37249094705dc33b8f56e8b042c6f519

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_mips.deb
      Size/MD5 checksum:  1493070 1dfa1f92a38b12c7643711db57d63d58
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_mips.deb
      Size/MD5 checksum:   336634 a1c3383dcd7a2be6a57c3b9e140b63ff
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_mips.deb
      Size/MD5 checksum:  1493688 bb4f5026b751a06335dddbbf10396726
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_mips.deb
      Size/MD5 checksum:  1493134 c1edf7389fa031bd22e93e87efaf56ad

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_mipsel.deb
      Size/MD5 checksum:  1483286 f41bb70b6c3e94b9d34382070f1b904a
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_mipsel.deb
      Size/MD5 checksum:   335926 95d59321de2d69437a51dd57cc3f3968
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_mipsel.deb
      Size/MD5 checksum:  1483854 5304d58c141da6d498bd1ca44257a00f
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_mipsel.deb
      Size/MD5 checksum:  1483342 965a7c6b445968094da416ef59155e94

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_powerpc.deb
      Size/MD5 checksum:  1385102 b461f814a843a99cf02279c38c2a13c1
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_powerpc.deb
      Size/MD5 checksum:   336630 c52ee41c89e18fe67ed255f6ed06b391
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_powerpc.deb
      Size/MD5 checksum:  1385672 561fd887df51fd281fb1b00a4705dec5
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_powerpc.deb
      Size/MD5 checksum:  1385268 5e2818805952871d4385d3f83dc1446e

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_s390.deb
      Size/MD5 checksum:  1193992 85972c3db828122d8bf3587b5aab56cf
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_s390.deb
      Size/MD5 checksum:   336612 d4ea593319ad2cd29ae841ba41dec7fc
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_s390.deb
      Size/MD5 checksum:  1194290 29fb2417371e7883551312f71e2cd452
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_s390.deb
      Size/MD5 checksum:  1194030 c383023e1dad16a48cba3699bf978bc4

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge3_sparc.deb
      Size/MD5 checksum:  1325960 2d36893524353a685bc15a02f7cdfcfe
    http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge3_sparc.deb
      Size/MD5 checksum:   336630 5903d1d68b6a0bc21fbd09e2b668827b
    http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge3_sparc.deb
      Size/MD5 checksum:  1326906 6e5d6c3230ce3cef504608f8e7472c43
    http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge3_sparc.deb
      Size/MD5 checksum:  1325994 7192ffdae9ca8748d9cca9453789075d


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDjYS0W5ql+IAeqTIRAgdyAKCLetoesxdMuGpZTNt+O0fVWkGT8QCeI27n
+TR51zT0OCckUOTbizWQqVE=
=on4o
-----END PGP SIGNATURE-----

    

- 漏洞信息

21270
Centericq Zero Length Packet Remote DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- 漏洞描述

Centericq contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a zero length packet to the Centericq client, and will result in loss of availability for Centericq.

- 时间线

2005-11-30 Unknow
2005-11-30 Unknow

- 解决方案

Upgrade to version 4.21.0-r1 or higher, as it has been reported to fix this vulnerability. In addition, various Linux distributions have released patches for some older versions.

- 相关参考

- 漏洞作者

- 漏洞信息

CenterICQ Malformed Packet Handling Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 15649
Yes No
2005-11-30 12:00:00 2006-04-11 09:42:00
Discovered by Wernfried Haas.

- 受影响的程序版本

Gentoo Linux
Centericq Centericq 4.20
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Centericq Centericq 4.5.1
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0

- 漏洞讨论

CenterICQ is prone to a remote denial-of-service vulnerability.

The vulnerability presents itself when the client is running on a computer that is directly connected to the Internet and handles malformed packets on the listening port for ICQ messages.

A successful attack can cause the client to crash.

- 漏洞利用

The following proof-of-concept exploit is available:

- 解决方案


Please see the referenced advisories for more information.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.commailto:vuldb@securityfocus.com


Centericq Centericq 4.20

Centericq Centericq 4.5.1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站