CVE-2005-4153
CVSS7.8
发布时间 :2005-12-10 21:03:00
修订时间 :2010-08-21 00:00:00
NMCOPS    

[原文]Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.


[CNNVD]GNU Mailman大型日期数据拒绝服务漏洞(CNNVD-200512-183)

        Mailman 2.1.4至2.1.6存在大型日期数据拒绝服务漏洞,远程攻击者可以通过导致服务器"因处理消息中有错误日期数据引起溢出而失败"的消息,使系统拒绝服务。

- CVSS (基础分值)

CVSS分值: 7.8 [严重(HIGH)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:gnu:mailman:2.1.5GNU Mailman 2.1.5
cpe:/a:gnu:mailman:2.1.4GNU Mailman 2.1.4
cpe:/a:gnu:mailman:2.1.6GNU Mailman 2.1.6

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10660Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overf...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4153
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-183
(官方数据源) CNNVD

- 其它链接及资源

http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:222
(VENDOR_ADVISORY)  MANDRIVA  MDKSA-2005:222
http://xforce.iss.net/xforce/xfdb/23139
(UNKNOWN)  XF  mailman-utf8-scrubber-dos(23139)
http://www.ubuntu.com/usn/usn-242-1
(UNKNOWN)  UBUNTU  USN-242-1
http://www.trustix.org/errata/2006/0012/
(UNKNOWN)  TRUSTIX  2006-0012
http://www.securityfocus.com/bid/16248
(UNKNOWN)  BID  16248
http://www.redhat.com/support/errata/RHSA-2006-0204.html
(UNKNOWN)  REDHAT  RHSA-2006:0204
http://www.osvdb.org/21723
(UNKNOWN)  OSVDB  21723
http://www.debian.org/security/2006/dsa-955
(UNKNOWN)  DEBIAN  DSA-955
http://secunia.com/advisories/19532
(VENDOR_ADVISORY)  SECUNIA  19532
http://secunia.com/advisories/19196
(VENDOR_ADVISORY)  SECUNIA  19196
http://secunia.com/advisories/19167
(VENDOR_ADVISORY)  SECUNIA  19167
http://secunia.com/advisories/18612
(VENDOR_ADVISORY)  SECUNIA  18612
http://secunia.com/advisories/18456
(VENDOR_ADVISORY)  SECUNIA  18456
http://secunia.com/advisories/18449
(VENDOR_ADVISORY)  SECUNIA  18449
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
(UNKNOWN)  SGI  20060401-01-U

- 漏洞信息

GNU Mailman大型日期数据拒绝服务漏洞
高危 缓冲区溢出
2005-12-10 00:00:00 2006-06-09 00:00:00
远程  
        Mailman 2.1.4至2.1.6存在大型日期数据拒绝服务漏洞,远程攻击者可以通过导致服务器"因处理消息中有错误日期数据引起溢出而失败"的消息,使系统拒绝服务。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://prdownloads.sourceforge.net/mailman/mailman-2.1.7.tgz?
        http://www1.mandrivalinux.com/en/ftp.php3
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8sarge1_alpha.deb
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8sarge1_mips.deb
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8sarge1_powerpc.deb
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8sarge1_s390.deb
        http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8sarge1_sparc.deb
        http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.2_amd64.deb
        http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.2_i386.deb
        http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.2_powerpc.deb
        http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.3_amd64.deb

- 漏洞信息 (F43253)

Ubuntu Security Notice 242-1 (PacketStormID:F43253)
2006-01-21 00:00:00
Ubuntu  security.ubuntu.com
advisory,remote,denial of service
linux,ubuntu
CVE-2005-3573,CVE-2005-4153
[点击下载]

Ubuntu Security Notice USN-242-1 - Aliet Santiesteban Sifontes discovered a remote denial of service vulnerability in the attachment handler of mailman. An email with an attachment whose filename contained invalid UTF-8 characters caused mailman to crash. Mailman did not sufficiently verify the validity of email dates. Very large numbers in dates caused mailman to crash.

===========================================================
Ubuntu Security Notice USN-242-1	   January 16, 2006
mailman vulnerabilities
CVE-2005-3573, CVE-2005-4153
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

mailman

The problem can be corrected by upgrading the affected package to
version 2.1.5-1ubuntu2.5 (for Ubuntu 4.10), 2.1.5-7ubuntu0.1 (for
Ubuntu 5.04), or 2.1.5-8ubuntu2.1 (for Ubuntu 5.10).  In general, a
standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Aliet Santiesteban Sifontes discovered a remote Denial of Service
vulnerability in the attachment handler. An email with an attachment
whose filename contained invalid UTF-8 characters caused mailman to
crash. (CVE-2005-3573)

Mailman did not sufficiently verify the validity of email dates. Very
large numbers in dates caused mailman to crash. (CVE-2005-4153)


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.5.diff.gz
      Size/MD5:   128899 1686924bbacf9fefa556fd7f1e8f74dc
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.5.dsc
      Size/MD5:      658 65e41dc9eb2456d8189aea0eb4df64ae
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
      Size/MD5:  5745912 f5f56f04747cd4aff67427e7a45631af

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.5_amd64.deb
      Size/MD5:  6602720 b559d0c6c0c8d97dc6ea342a4911d154

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.5_i386.deb
      Size/MD5:  6602194 ad5e65cead5a9d90ddbffc736337fb94

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1ubuntu2.5_powerpc.deb
      Size/MD5:  6611016 89feb8e459fa9f34ff91c8bbf75f3a80

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.1.diff.gz
      Size/MD5:   118355 78b91e2f11e438ef259c3e67e6fd1d47
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.1.dsc
      Size/MD5:      669 99b42b16f8c4ba4e8acacc73920d1639
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
      Size/MD5:  5745912 f5f56f04747cd4aff67427e7a45631af

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.1_amd64.deb
      Size/MD5:  6609778 28b3e1f005cbcc097fb084ba3b0c313b

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.1_i386.deb
      Size/MD5:  6609308 f80df6c6bc8f6a028d065c8892849569

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.1_powerpc.deb
      Size/MD5:  6616534 f33e0b4a6d2afea8aa96f3e86fdfe579

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.1.diff.gz
      Size/MD5:   194039 fd67dfe7d97bd94e9ad0e0575599639d
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.1.dsc
      Size/MD5:      626 63366d888d62e4769c331c7303716c2e
    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
      Size/MD5:  5745912 f5f56f04747cd4aff67427e7a45631af

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.1_amd64.deb
      Size/MD5:  6610440 165e35634f6767fbab615e9407eec4c8

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.1_i386.deb
      Size/MD5:  6609374 03e1822d1085b4ff27d3ecb2912048bf

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.1_powerpc.deb
      Size/MD5:  6617106 522653cd7ecdce70366a2d80b5b97460
    

- 漏洞信息

21723
Mailman Message Processing Date Field Overflow
Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-09-11 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GNU Mailman Large Date Data Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 16248
Yes No
2006-01-16 12:00:00 2006-08-15 08:10:00
The original discoverer of this issue is currently unknown.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI ProPack 3.0 SP6
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU Mailman 2.1.10 b1
GNU Mailman 2.1.5
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 3
+ RedHat Enterprise Linux Desktop version 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 3
GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU Mailman 2.1.3
GNU Mailman 2.1.2
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
GNU Mailman 2.1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
GNU Mailman 2.1
GNU Mailman 2.0.14
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
GNU Mailman 2.0.13
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
GNU Mailman 2.0.12
GNU Mailman 2.0.11
+ Debian Linux 3.0
GNU Mailman 2.0.10
GNU Mailman 2.0.9
GNU Mailman 2.0.8
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
- RedHat PowerTools 7.1
- RedHat PowerTools 7.0
GNU Mailman 2.0.7
GNU Mailman 2.0.6
GNU Mailman 2.0.5
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- Debian Linux 2.2
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- RedHat Linux 7.1
- RedHat Linux 7.0
- S.u.S.E. Linux 7.2
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
GNU Mailman 2.0.4
GNU Mailman 2.0.4
GNU Mailman 2.0.3
GNU Mailman 2.0.2
GNU Mailman 2.0.1
GNU Mailman 2.0 beta5
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 beta4
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 beta3
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 .8
GNU Mailman 2.0 .7
GNU Mailman 2.0 .6
+ RedHat Linux 7.2 i386
GNU Mailman 2.0 .5
GNU Mailman 2.0 .3
GNU Mailman 2.0 .2
GNU Mailman 2.0 .1
GNU Mailman 2.0
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
GNU Mailman 2.1.7

- 不受影响的程序版本

GNU Mailman 2.1.7

- 漏洞讨论

GNU Mailman is prone to a denial-of-service attack. This issue affects Mailman's email date parsing.


The vulnerability could be triggered by mailing-list posts and will impact the availability of mailing lists hosted by the application.

- 漏洞利用

An exploit is not required.

- 解决方案

Please see the referenced advisories for further information.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.commailto:vuldb@securityfocus.com.


GNU Mailman 2.0 beta3

GNU Mailman 2.0 beta4

GNU Mailman 2.0

GNU Mailman 2.0 .1

GNU Mailman 2.0 .7

GNU Mailman 2.0 .5

GNU Mailman 2.0 .3

GNU Mailman 2.0 .6

GNU Mailman 2.0 .2

GNU Mailman 2.0 beta5

GNU Mailman 2.0.1

GNU Mailman 2.0.10

GNU Mailman 2.0.11

GNU Mailman 2.0.12

GNU Mailman 2.0.13

GNU Mailman 2.0.14

GNU Mailman 2.0.2

GNU Mailman 2.0.3

GNU Mailman 2.0.4

GNU Mailman 2.0.4

GNU Mailman 2.0.5

GNU Mailman 2.0.6

GNU Mailman 2.0.7

GNU Mailman 2.0.8

GNU Mailman 2.0.9

GNU Mailman 2.1

GNU Mailman 2.1.1

GNU Mailman 2.1.10 b1

GNU Mailman 2.1.2

GNU Mailman 2.1.4

GNU Mailman 2.1.5

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站