Qpopper远程内存损坏漏洞

漏洞信息详情

Qpopper远程内存损坏漏洞

• CNNVD编号：CNNVD-200303-046
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2003-0143
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2003-03-18
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-13
  
• 厂        商：
  
  qualcomm
• 漏洞来源：
  The discovery of t…

Qpopper 4.0.5fc2之前4.0.x版本的pop_msg函数在Qvsnprintf调用消息缓冲区后没有将其空终止，认证用户可以借助带有超长宏名称的mdef命令的缓冲区溢出执行任意代码。

Sun have released a security update to address this issue in the RAQ XTR. Please see references section for further details. A fix is linked below.
SuSE has released a security advisory (SuSE-SA:2003:018) which contains fixes for this issue. Users are advised to upgrade as soon as possible.
Gentoo Linux have released an advisory that addresses this vulnerability (200303-12), users who are running net-mail/qpopper are advised to upgrade to qpopper-4.0.5 by issuing the following commands:
emerge sync
emerge qpopper
emerge clean
Debian has released a security advisory (DSA-259-1) which contains fixes for this issue. Users are advised to upgrade as soon as possible.
Qpopper version 4.0.5fc2 contains fixes for this issue. The vendor has also reported that the final version of 4.0.5 is pending release, and will also contain the fixes for this issue.
*** Additional information has been released which puts in question the changes made in Qpopper version 4.0.5fc2. As a result, users who have updated Qpopper may still be affected by this issue. Further details are available in the references section.
Sun Cobalt RaQ XTR

• Sun RaQXTR-All-Security-1.0.1-16409.pkg
  
  http://ftp.cobalt.sun.com/pub/packages/raqxtr/eng/RaQXTR-All-Security-
  1.0.1-16409.pkg

Qualcomm qpopper 4.0.1

• Qualcomm Qpopper 4.0.5fc2
  ftp://ftp.qualcomm.com/eudora/servers/unix/popper/beta/

Qualcomm qpopper 4.0.2

• Qualcomm Qpopper 4.0.5fc2
  ftp://ftp.qualcomm.com/eudora/servers/unix/popper/beta/

Qualcomm qpopper 4.0.3

• Qualcomm Qpopper 4.0.5fc2
  ftp://ftp.qualcomm.com/eudora/servers/unix/popper/beta/
• S.u.S.E. qpopper-4.0.3-178.i386.patch.rpmSuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/qpopper-4.0.3-178.i386.
  patch.rpm
• S.u.S.E. qpopper-4.0.3-178.i386.rpmSuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/qpopper-4.0.3-178.i386.
  rpm
• S.u.S.E. qpopper-4.0.3-178.src.rpmSuSE-8.0
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/qpopper-4.0.3-178.src.
  rpm

Qualcomm qpopper 4.0.4

• Debian qpopper-drac_4.0.4-2.woody.3_alpha.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_alpha.deb
• Debian qpopper-drac_4.0.4-2.woody.3_arm.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_arm.deb
• Debian qpopper-drac_4.0.4-2.woody.3_hppa.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_hppa.deb
• Debian qpopper-drac_4.0.4-2.woody.3_i386.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_i386.deb
• Debian qpopper-drac_4.0.4-2.woody.3_ia64.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_ia64.deb
• Debian qpopper-drac_4.0.4-2.woody.3_m68k.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_m68k.deb
• Debian qpopper-drac_4.0.4-2.woody.3_mips.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_mips.deb
• Debian qpopper-drac_4.0.4-2.woody.3_mipsel.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_mipsel.deb
• Debian qpopper-drac_4.0.4-2.woody.3_powerpc.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_powerpc.deb
• Debian qpopper-drac_4.0.4-2.woody.3_s390.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_s390.deb
• Debian qpopper-drac_4.0.4-2.woody.3_sparc.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.
  0.4-2.woody.3_sparc.deb
• Debian qpopper_4.0.4-2.woody.3_alpha.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_alpha.deb
• Debian qpopper_4.0.4-2.woody.3_arm.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_arm.deb
• Debian qpopper_4.0.4-2.woody.3_hppa.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_hppa.deb
• Debian qpopper_4.0.4-2.woody.3_i386.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_i386.deb
• Debian qpopper_4.0.4-2.woody.3_ia64.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_ia64.deb
• Debian qpopper_4.0.4-2.woody.3_m68k.debDebian 3.0 (stable)
  
  http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2
  .woody.3_m68k.deb
• Debian qpopper_4.0.4-2.woody.3_mips.debDebian 3.0 (stable)
  

  参考网址

  来源: BID
  名称: 7058
  链接:http://www.securityfocus.com/bid/7058

  来源: DEBIAN
  名称: DSA-259
  链接:http://www.debian.org/security/2003/dsa-259

  来源: XF
  名称: qpopper-popmsg-macroname-bo(11516)
  链接:http://xforce.iss.net/xforce/xfdb/11516

  来源: BUGTRAQ
  名称: 20030310 QPopper 4.0.x buffer overflow vulnerability
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104739841223916&w=2

  来源: SUSE
  名称: SuSE-SA:2003:018
  链接:http://www.novell.com/linux/security/advisories/2003_018_qpopper.html

  来源: GENTOO
  名称: GLSA-200303-12
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104792541215354&w=2

  来源: BUGTRAQ
  名称: 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper)
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104768137314397&w=2

  来源: BUGTRAQ
  名称: 20030312 Re: QPopper 4.0.x buffer overflow vulnerability
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104748775900481&w=2