CVE-2005-3934
CVSS7.8
发布时间 :2005-12-01 01:03:00
修订时间 :2011-03-07 21:27:24
NMCOS    

[原文]Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.


[CNNVD]pcAnywhere认证拒绝服务漏洞(CNNVD-200512-027)

        Symantec pcAnywhere是全球最畅销的用于管理服务器和提供管理人员支持的远程控制解决方案。
        pcAnywhere在处理特制消息的时候存在溢出漏洞,可能导致拒绝服务。由于溢出发生在认证之前,因此远程攻击者无需有效的凭据便可利用这个漏洞。

- CVSS (基础分值)

CVSS分值: 7.8 [严重(HIGH)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:symantec:pcanywhere:9.0.1Symantec PCAnywhere 9.0.1
cpe:/a:symantec:pcanywhere:11.5.1Symantec PCAnywhere 11.5.1
cpe:/a:symantec:pcanywhere:9.2Symantec PCAnywhere 9.2
cpe:/a:symantec:pcanywhere:9.0Symantec PCAnywhere 9.0
cpe:/a:symantec:pcanywhere:11.5Symantec PCAnywhere 11.5
cpe:/a:symantec:pcanywhere:11.0Symantec PCAnywhere 11.0
cpe:/a:symantec:pcanywhere:11.0.1Symantec PCAnywhere 11.0.1
cpe:/a:symantec:pcanywhere:10.5Symantec PCAnywhere 10.5
cpe:/a:symantec:pcanywhere:8.0.1Symantec PCAnywhere 8.0.1
cpe:/a:symantec:pcanywhere:10.0Symantec PCAnywhere 10.0
cpe:/a:symantec:pcanywhere:8.0.2Symantec PCAnywhere 8.0.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3934
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3934
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-027
(官方数据源) CNNVD

- 其它链接及资源

http://www.symantec.com/avcenter/security/Content/2005.11.29.html
(VENDOR_ADVISORY)  CONFIRM  http://www.symantec.com/avcenter/security/Content/2005.11.29.html
http://www.vupen.com/english/advisories/2005/2658
(UNKNOWN)  VUPEN  ADV-2005-2658
http://www.securityfocus.com/bid/15646
(VENDOR_ADVISORY)  BID  15646
http://secunia.com/advisories/17797
(VENDOR_ADVISORY)  SECUNIA  17797
http://xforce.iss.net/xforce/xfdb/23298
(UNKNOWN)  XF  symantec-pcanywhere-bo(23298)
http://securitytracker.com/id?1015284
(UNKNOWN)  SECTRACK  1015284

- 漏洞信息

pcAnywhere认证拒绝服务漏洞
高危 缓冲区溢出
2005-12-01 00:00:00 2005-12-01 00:00:00
远程  
        Symantec pcAnywhere是全球最畅销的用于管理服务器和提供管理人员支持的远程控制解决方案。
        pcAnywhere在处理特制消息的时候存在溢出漏洞,可能导致拒绝服务。由于溢出发生在认证之前,因此远程攻击者无需有效的凭据便可利用这个漏洞。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://www.symantec.com/techsupp/files/pca/index.html

- 漏洞信息

21245
Symantec pcAnywhere Unspecified Pre-authentication Overflow DoS
Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-11-29 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

pcAnywhere Authentication Denial of Service Vulnerability
Boundary Condition Error 15646
Yes No
2005-11-29 12:00:00 2006-02-07 08:55:00
Credited to Tal of See-Security technologies Ltd.

- 受影响的程序版本

Symantec pcAnywhere 11.5.1
Symantec pcAnywhere 11.5
Symantec pcAnywhere 11.0.1
Symantec pcAnywhere 11.0
Symantec pcAnywhere 10.5
Symantec pcAnywhere 10.0
Symantec pcAnywhere 9.2
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Symantec pcAnywhere 9.0.1
Symantec pcAnywhere 9.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Symantec pcAnywhere 8.0.2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Symantec pcAnywhere 8.0.1
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0

- 漏洞讨论

Symantec pcAnywhere is vulnerable to a buffer overflow vulnerability. Because the flaw can be triggered prior to authentication, the vulnerability is exploitable by remote attackers without valid credentials. It is confirmed that the vulnerability can be exploited to cause a denial of service. Supported versions 11.0.1 and 11.5.1 are confirmed affected. Previous versions are vulnerable and users are advised to upgrade to the latest supported version.

Patches are available.

- 漏洞利用

An exploit (pcanywhere_dos.pl) has been supplied by David Maciejak.

Exploit code (pcanywhere_dos.pl) has been updated.

- 解决方案

Patches are available at the following locations.

Consumer versions of pcAnywhere:

http://www.symantec.com/techsupp/files/pca/index.html

Enterprise versions of pcAnywhere:

http://www.symantec.com/techsupp/enterprise/products/spca/files.html

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站