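Vulnerability details
UW pop2d FOLD command remote buffer overflow vulnerability
- CNNVD ID: CNNVD-199905-048
- Severity: Critical
- CVE ID: CVE-1999-0920
- Vulnerability type: Boundary condition error
- Published: 1999-05-26
- Threat type: Remote
- Updated: 2005-05-02
- Vendor: university_of_washington
- Source: Chris Evans※ chris…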
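Vulnerability summary
pop2d is an open-source POP server implemented by the University of Washington.
pop2d 4.4 and earlier contain a buffer overflow vulnerability that a malicious remote attacker can exploit to gain the privileges of the "nobody" user on the host.
The pop2 and pop3 servers support "anonymous proxy", which lets a remote user open an IMAP mailbox on another server where they hold a valid account. After login, an argument to the FOLD command causes a stack-based buffer overflow.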
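Vulnerability advisory
Temporary workaround:
If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
* Temporarily disable the pop2d service
Comment out the ipop2d line in /etc/inetd.conf: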
#pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
Then restart the inetd service.
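The workaround above as a script, with a check that no active ipop2d entry remains. This is an added example, not part of the original advisory; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: disable ipop2d in an inetd.conf-style file and verify the result.
# The sample file is constructed; on a real host run the functions as root
# against /etc/inetd.conf and then restart inetd as the advisory says.

# Count entries that are still active (not commented out) and launch ipop2d.
active_pop2_entries() {
    # Skip comment lines, then match ipop2d as a whole field (bare or with a path).
    awk '!/^[ \t]*#/ { for (i = 1; i <= NF; i++) if ($i ~ /(^|\/)ipop2d$/) { n++; break } }
         END { print n + 0 }' "$1"
}

# Comment out every active ipop2d entry, keeping a backup copy beside the file.
disable_pop2() {
    conf=$1
    cp -p "$conf" "$conf.bak" || return 1
    awk '!/^[ \t]*#/ { for (i = 1; i <= NF; i++) if ($i ~ /(^|\/)ipop2d$/) { print "#" $0; next } }
         { print }' "$conf.bak" > "$conf"
}

# Constructed sample input in inetd.conf format.
make_sample() {
    cat > "$1" <<'EOF'
# <service> <sock> <proto> <wait> <user> <server> <args>
pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
#imap2 stream tcp nowait root /usr/sbin/tcpd imapd
EOF
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_sample "$tmp/inetd.conf"
    before=$(active_pop2_entries "$tmp/inetd.conf")
    disable_pop2 "$tmp/inetd.conf"
    after=$(active_pop2_entries "$tmp/inetd.conf")
    echo "active ipop2d entries: before=$before after=$after"
    rm -rf "$tmp"
}
demo
```

The count function matches ipop2d whether it is started through tcpd or directly by path, so it can also be used as a periodic audit check on hosts that should not offer POP2.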
Vendor patches:
Debian
------
The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site:
Source archives:
http://security.debian.org/dists/stable/updates/source/imap_4.5-0slink2.diff.gz
MD5 checksum: 606f893869069eee68f4c1e31392af29
http://security.debian.org/dists/stable/updates/source/imap_4.5-0slink2.dsc
MD5 checksum: 93ed80a3619586ff9f3246003aca2448
http://security.debian.org/dists/stable/updates/source/imap_4.5.orig.tar.gz
MD5 checksum: 59afe4be5fcd17c20d241633a4a3d0ac
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/binary-sparc/c-client-dev_4.5-0slink2_sparc.deb
MD5 checksum: 2de5363a3ea9f27c1aa064c3102567cc
http://security.debian.org/dists/stable/updates/binary-sparc/imap_4.5-0slink2_sparc.deb
MD5 checksum: 87638b6ad06094f30ff6d2dddfd10b8b
http://security.debian.org/dists/stable/updates/binary-sparc/ipopd_4.5-0slink2_sparc.deb
MD5 checksum: aa6621e2f7e2df751489c397e9e169a8
Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/binary-i386/c-client-dev_4.5-0slink2_i386.deb
MD5 checksum: fd92656c7281a4d8322b6da1285475cd
http://security.debian.org/dists/stable/updates/binary-i386/imap_4.5-0slink2_i386.deb
MD5 checksum: c92eaece7e431c84708909362afad07d
http://security.debian.org/dists/stable/updates/binary-i386/ipopd_4.5-0slink2_i386.deb
MD5 checksum: 29685847b0eef8307383a428b1d02be2
Motorola 680x0 architecture:
http://security.debian.org/dists/stable/updates/binary-m68k/c-client-dev_4.5-0slink2_m68k.deb
MD5 checksum: eeab449299e9f2d3fc97db69110b4432
http://security.debian.org/dists/stable/updates/binary-m68k/imap_4.5-0slink2_m68k.deb
MD5 checksum: 4bd0fbaa392b6013f6caa33b04578764
http://security.debian.org/dists/stable/updates/binary-m68k/ipopd_4.5-0slink2_m68k.deb
MD5 checksum: d43f502971afc531923903f3ac7b5b3f
Alpha architecture:
http://security.debian.org/dists/stable/updates/binary-alpha/c-client-dev_4.5-0slink2_alpha.deb
MD5 checksum: 6732ae9495ee29590ed85cc482fbda97
http://security.debian.org/dists/stable/updates/binary-alpha/imap_4.5-0slink2_alpha.deb
MD5 checksum: d0ee05b972d5d1bc1d066e2bae4d8c8b
http://security.debian.org/dists/stable/updates/binary-alpha/ipopd_4.5-0slink2_alpha.deb
MD5 checksum: 89c3931092537d0eb23fb50fa57f1bb0
RedHat
------
The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site:
Red Hat Linux 4.x:
------------------
On alpha:
rpm -Uvh ftp://updates.redhat.com/4.2/alpha/imap-4.5-0.4.2.alpha.rpm
On i386:
rpm -Uvh ftp://updates.redhat.com/4.2/i386/imap-4.5-0.4.2.i386.rpm
On sparc:
rpm -Uvh ftp://updates.redhat.com/4.2/sparc/imap-4.5-0.4.2.sparc.rpm
The source is available at
ftp://updates.redhat.com/4.2/SRPMS/imap-4.5-0.4.2.src.rpm
Red Hat Linux 5.x:
------------------
On alpha:
rpm -Uvh ftp://updates.redhat.com/5.2/alpha/imap-4.5-0.5.2.alpha.rpm
On i386:
rpm -Uvh ftp://updates.redhat.com/5.2/i386/imap-4.5-0.5.2.i386.rpm
On sparc:
rpm -Uvh ftp://updates.redhat.com/5.2/sparc/imap-4.5-0.5.2.sparc.rpm
The source is available at
References
Source: BID
Name: 283
Link: http://www.securityfocus.com/bid/283
Source: NSFOCUS
Name: 3555
Link: http://www.nsfocus.net/vulndb/3555