漏洞信息详情
libesmtp read_smtp_response远程缓冲区溢出漏洞
- CNNVD编号:CNNVD-200210-164
- 危害等级: 高危
![图片[1]-libesmtp read_smtp_response远程缓冲区溢出漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-04-26/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2002-1090
- 漏洞类型:
边界条件错误
- 发布时间:
2002-10-04
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
libesmtp - 漏洞来源:
Red Hat Security A… -
漏洞简介
libesmtp是一款SMTP库,balsa邮件客户端使用了这个库。
libesmtp对部分应答缺少正确缓冲区边界检查,远程攻击者可以利用这个漏洞通过构建超长服务器应答对使用libesmtp库的应用程序进行拒绝服务或执行任意指令攻击。
目前没有详细漏洞细节。
漏洞公告
厂商补丁:
RedHat
——
RedHat已经为此发布了一个安全公告(RHSA-2003:109-03)以及相应补丁:
RHSA-2003:109-03:Updated balsa and mutt packages fix vulnerabilities
链接:https://www.redhat.com/support/errata/RHSA-2003-109.html” target=”_blank”>https://www.redhat.com/support/errata/RHSA-2003-109.html
补丁下载:
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/balsa-1.2.4-7.7.2.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/balsa-1.2.4-7.7.2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/libesmtp-0.8.12-0.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/libesmtp-devel-0.8.12-0.7.x.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/balsa-1.2.4-7.7.2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/libesmtp-0.8.12-0.7.x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/libesmtp-devel-0.8.12-0.7.x.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/balsa-1.2.4-7.7.3.src.rpm
ftp://updates.redhat.com/7.3/en/os/SRPMS/libesmtp-0.8.12-0.7.x.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/balsa-1.2.4-7.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/libesmtp-0.8.12-0.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/libesmtp-devel-0.8.12-0.7.x.i386.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/mutt-1.4.1-0.8.x.src.rpm
ftp://updates.redhat.com/8.0/en/os/SRPMS/balsa-1.2.4-8.src.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/mutt-1.4.1-0.8.x.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/balsa-1.2.4-8.i386.rpm
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/mutt-1.4.1-1.src.rpm
ftp://updates.redhat.com/9/en/os/SRPMS/balsa-2.0.6-2.src.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/mutt-1.4.1-1.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/balsa-2.0.6-2.i386.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
参考网址
来源: www.stafford.uklinux.net
链接:http://www.stafford.uklinux.net/libesmtp/ChangeLog.txt
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
