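Vulnerability Details
Netscape Communicator JPEG Comment Heap Overwrite Vulnerability
- CNNVD ID: CNNVD-200007-067
- Severity: Medium
- CVE ID: CVE-2000-0655
- Vulnerability type: Input validation
- Published: 2000-07-25
- Threat type: Remote
- Updated: 2005-05-16
- Vendor: mozilla
- Vulnerability source: Posted to BugTraq …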
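Vulnerability Summary
Netscape Communicator 4.73 and earlier are vulnerable. A remote attacker can cause a denial of service or execute arbitrary commands via a JPEG image that contains a comment with an illegal length field of 1.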
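The length check whose absence the summary describes, written as an added example (not code from Netscape, Mozilla or any vendor patch): it walks the JPEG marker segments and rejects any segment, including a comment (COM, 0xFFFE), whose length field is below 2. The function name, result codes and the two byte-array samples are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes (names are assumptions of this example). */
enum { JPEG_OK = 0, JPEG_NOT_JPEG = -1, JPEG_TRUNCATED = -2, JPEG_BAD_LENGTH = -3 };

/* Constructed samples: a COM (0xFFFE) segment with length 4, and one with length 1. */
static const uint8_t SAMPLE_OK[]  = {0xFF,0xD8, 0xFF,0xFE,0x00,0x04,'h','i', 0xFF,0xD9};
static const uint8_t SAMPLE_BAD[] = {0xFF,0xD8, 0xFF,0xFE,0x00,0x01, 0xFF,0xD9};

/* Walk the marker segments from SOI up to SOS or EOI and validate every
 * length field. The 16-bit big-endian length counts its own two bytes, so
 * values below 2 are illegal: a decoder that computes (length - 2) for the
 * payload size without this check gets -1, or a huge value if unsigned.
 * On JPEG_BAD_LENGTH, *bad_off is the offset of the offending marker. */
int jpeg_check_segments(const uint8_t *buf, size_t len, size_t *bad_off) {
    size_t pos = 2;
    if (len < 2 || buf[0] != 0xFF || buf[1] != 0xD8) return JPEG_NOT_JPEG;
    while (pos < len) {
        if (buf[pos] != 0xFF) return JPEG_NOT_JPEG;       /* marker expected */
        while (pos < len && buf[pos] == 0xFF) pos++;      /* skip fill bytes */
        if (pos >= len) return JPEG_TRUNCATED;
        uint8_t marker = buf[pos++];
        if (marker == 0x00) return JPEG_NOT_JPEG;         /* not a marker */
        if (marker == 0xD9) return JPEG_OK;               /* EOI */
        if (marker == 0x01 || (marker >= 0xD0 && marker <= 0xD8))
            continue;                                     /* TEM, RSTn, SOI: no length */
        if (len - pos < 2) return JPEG_TRUNCATED;
        size_t seglen = ((size_t)buf[pos] << 8) | buf[pos + 1];
        if (seglen < 2) { *bad_off = pos - 2; return JPEG_BAD_LENGTH; }
        if (seglen > len - pos) return JPEG_TRUNCATED;    /* runs past the buffer */
        if (marker == 0xDA) return JPEG_OK;               /* SOS: scan data follows */
        pos += seglen;
    }
    return JPEG_TRUNCATED;
}

int main(void) {
    size_t off = 0;
    printf("ok sample:  %d\n", jpeg_check_segments(SAMPLE_OK, sizeof SAMPLE_OK, &off));
    int rc = jpeg_check_segments(SAMPLE_BAD, sizeof SAMPLE_BAD, &off);
    printf("bad sample: %d at offset %zu\n", rc, off);
    return 0;
}
```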
Vulnerability Advisory
Netscape Communicator 4.74 and Mozilla M16 are not vulnerable to this issue.
NetBSD: See the advisory in the “Credit” section for upgrade instructions.
If upgrading is not preferable, several patches are available (included in the following archives):
http://www.openwall.com/advisories/OW-002-netscape-jpeg-r1.tar.gz
http://www.openwall.com/advisories/OW-002-1.zip
i386:
ftp://updates.redhat.com/6.2/i386/netscape-common-4.74-0.6.2.i386.rpm
ftp://updates.redhat.com/6.2/i386/netscape-communicator-4.74-0.6.2.i386.rpm
ftp://updates.redhat.com/6.2/i386/netscape-navigator-4.74-0.6.2.i386.rpm
sources:
ftp://updates.redhat.com/6.2/SRPMS/netscape-alpha-4.74-1.src.rpm
ftp://updates.redhat.com/6.2/SRPMS/netscape-4.74-0.6.2.src.rpm
7. Verification:
MD5 sum                           Package Name
--------------------------------------------------------------------------
2520f9f234010f483d14ec524898ad29  5.2/SRPMS/netscape-4.74-0.5.2.src.rpm
2dd30f35857c05304e54253e7564634b  5.2/i386/netscape-common-4.74-0.5.2.i386.rpm
765fc5c8be9638560544379a3c7e1004  5.2/i386/netscape-communicator-4.74-0.5.2.i386.rpm
d6ecb766f5d979e2787f239fefcce8fd  5.2/i386/netscape-navigator-4.74-0.5.2.i386.rpm
64999688cbd3b6be723c72d94dcb0f72  6.2/SRPMS/netscape-4.74-0.6.2.src.rpm
e75ad6a500fa4ac0ef919f65aa8871bd  6.2/SRPMS/netscape-alpha-4.74-1.src.rpm
2796178bd0f400800d1fb5fccd39880b  6.2/alpha/netscape-common-4.74-1.alpha.rpm
2f2260eb8030751838f9d14a4eca71ae  6.2/alpha/netscape-communicator-4.74-1.alpha.rpm
db641b2f9b63c3f986dece1ecc482d32  6.2/alpha/netscape-navigator-4.74-1.alpha.rpm
2f2f1be58b481030eb2da12dcd9a6a54  6.2/i386/netscape-common-4.74-0.6.2.i386.rpm
6b2045ecf408024a64962705c6395a1f  6.2/i386/netscape-communicator-4.74-0.6.2.i386.rpm
03b93972ba0f114d4be9ef50a2a21fa5  6.2/i386/netscape-navigator-4.74-0.6.2.i386.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
http://www.redhat.com/corp/contact.html
You can verify each package with the following command: rpm --checksig
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg
Debian has provided the following upgrades:
Source archives:
http://security.debian.org/dists/potato/updates/non-free/source/netscape4.75_4.75-1potato1.diff.gz
MD5 checksum: 99ab453006b123ade6b62d508052e8aa
http://security.debian.org/dists/potato/updates/non-free/source/netscape4.75_4.75-1potato1.dsc
MD5 checksum: b6c8220d540580c62302e51bd310273c
http://security.debian.org/dists/potato/updates/non-free/source/netscape4.75_4.75.orig.tar.gz
MD5 checksum: 291d418188dd0d859c842b8e511f40dd
http://security.debian.org/dists/potato/updates/non-free/source/netscape4.base_4.75-1.dsc
MD5 checksum: 834ccd2acc61052bf9b01f58c5adb767
http://security.debian.org/dists/potato/updates/non-free/source/netscape4.base_4.75-1.tar.gz
MD5 checksum: c9f71e888d9ce42d7317a7a8255a25f4
Intel ia32 architecture:
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator-base-475_4.75-1potato1_i386.deb
MD5 checksum: 401b63408d1477978fe16a855b9b2a14
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator-nethelp-475_4.75-1potato1_all.deb
MD5 checksum: 763d8c075f0200d77ce1ad91af3d4c27
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator-smotif-475-libc5_4.75-1potato1_i386.deb
MD5 checksum: d255e35d8365486b28a6e5c02bdf7e80
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator-smotif-475_4.75-1potato1_i386.deb
MD5 checksum: a8b595e4ba544861109e91cf2f494d67
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator-spellchk-475_4.75-1potato1_all.deb
MD5 checksum: 2c42207d48399b1d9ea757a1ee677414
http://security.debian.org/dists/potato/updates/non-free/binary-i386/communicator_4.75-1_i386.deb
MD5 checksum: 3b67100464ed0aa6a22bef337c14798f
http://security.debian.org/dists/potato/updates/non-free/binary-i386/navigator-base-475_4.75-1potato1_i386.deb
MD5 checksum: f4ed466d94b761b3a5f252c859c1c38d
http://security.debian.org/dists/potato/updates/non-free/binary-i386/navigator-nethelp-475_4.75-1potato1_all.deb
MD5 checksum: 3e671e3bd853557df55915a395f57d39
http://security.debian.org/dists/potato/updates/non-free/binary-i386/navigator-smotif-475-libc5_4.75-1potato1_i386.deb
MD5 checksum: d46984adbf2703f26a5bbd1cff912967
http://security.debian.org/dists/potato/updates/non-free/binary-i386/navigator-smotif-475_4.75-1potato1_i386.deb
MD5 checksum: 3e7de9bb9c0c8c73519c3b7149de6af4
http://security.debian.org/dists/potato/updates/non-free/binary-i386/navigator_4.75-1_i386.deb
MD5 checksum: a4f735e76fb26bc46a99edb557e41d43
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-base-4-libc5_4.75-1_i386.deb
MD5 checksum: be2014f7b47913fc2d40dd3a2f7dc60f
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-base-475_4.75-1potato1_i386.deb
MD5 checksum: 4cae30606eb234d79c0469ad3e430ece
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-base-4_4.75-1_i386.deb
MD5 checksum: e594f5e58bfab22b5c4333d6e648b8bc
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-ja-resource-475_4.75-1potato1_all.deb
MD5 checksum: 2f5aadfe24499b6ed79d7c1810aedb70
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-java-475_4.75-1potato1_all.deb
MD5 checksum: 2b1d1abed84ac00eef02de530ad95028
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-ko-resource-475_4.75-1potato1_all.deb
MD5 checksum: b2335dabae4430a69773ba22b3d5100c
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-smotif-475-libc5_4.75-1potato1_i386.deb
MD5 checksum: 2397e4c0d8e556ea457b0095ad102d96
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-smotif-475_4.75-1potato1_i386.deb
MD5 checksum: 45f1df641dc6869f880ee32abc1c8eb2
http://security.debian.org/dists/potato/updates/non-free/binary-i386/netscape-zh-resource-475_4.75-1potato1_all.deb
MD5 checksum: 5cb68c9bf8a895488c4a75145c48c915
Mozilla Browser M15
- Solar Designer moz-jpg.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/moz-jpg.patch
Netscape Communicator 4.07
- Mandrakesoft 6.0 i386 netscape-common-4.75-2mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates/6.0/RPMS/netscape-common-4.75-2mdk.i586.rpm
- Mandrakesoft 6.0 i386 netscape-communicator-4.75-2mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates/6.0/RPMS/netscape-communicator-4.75-2mdk.i586.rpm
- Mandrakesoft 6.0 i386 netscape-navigator-4.75-2mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates/6.0/RPMS/netscape-navigator-4.75-2mdk.i586.rpm
- Mandrakesoft 6.0 source netscape-4.75-2mdk.src.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates/6.0/SRPMS/netscape-4.75-2mdk.src.rpm
- Mandrakesoft 6.1 i386 netscape-common-4.75-2mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
References
Source: BUGTRAQ
Name: 20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers
Link: http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com
Source: TURBO
Name: TLSA2000017-1
Link: http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html
Source: BID
Name: 1503
Link: http://www.securityfocus.com/bid/1503
Source: REDHAT
Name: RHSA-2000:046
Link: http://www.redhat.com/support/errata/RHSA-2000-046.html
Source: SUSE
Name: 20000823 Security Hole in Netscape, Versions 4.x, possibly others
Link: http://www.novell.com/linux/security/advisories/suse_security_announce_60.html
Source: BUGTRAQ
Name: 20000810 Conectiva Linux Security Announcement – netscape
Link: http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html
Source: BUGTRAQ
Name: 20000801 MDKSA-2000:027-1 netscape update
Link: http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html
Source: NETBSD
Name: NetBSD-SA2000-011
Link: ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc
Source: FREEBSD
Name: FreeBSD-SA-00:39
Link: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc