Lumigent Log Explorer XP_LogAttach_StartProf缓冲区溢出漏洞

漏洞信息详情

Lumigent Log Explorer XP_LogAttach_StartProf缓冲区溢出漏洞

• CNNVD编号：CNNVD-200210-134
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-0942
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2002-10-04
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  lumigent
• 漏洞来源：
  Credited to martin…

Lugiment Log Explorer 3.02之前版本存在缓冲区溢出漏洞。带有数据库权限的攻击者借助存储参数扩展存储过程(1)xp_logattach_StartProf，(2)xp_logattach_setport，或者(3)xp_logattach从而执行任意代码。

The vendor is aware of the issue and is planning to release a fixed version soon. In the meantime, the vendor suggests granting execute permissions of stored procedures to trusted users only.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源: XF
名称: logexplorer-mssql-xplogattach-bo(9346)
链接:http://www.iss.net/security_center/static/9346.php

来源: BID
名称: 5018
链接:http://www.securityfocus.com/bid/5018

来源: BID
名称: 5017
链接:http://www.securityfocus.com/bid/5017

来源: BID
名称: 5016
链接:http://www.securityfocus.com/bid/5016

来源: www.lumigent.com
链接:http://www.lumigent.com/LogExplorer/Support/whatsnew3_03.htm

来源: BUGTRAQ
名称: 20020614 Follow-up on Lumigent Log Explorer 3.xx extended stored procedures buffer overflow
链接:http://online.securityfocus.com/archive/1/277026

来源: BUGTRAQ
名称: 20020614 Lumigent Log Explorer 3.xx extended stored procedures buffer overflow
链接:http://archives.neohapsis.com/archives/bugtraq/2002-06/0146.html