漏洞信息详情
HTTP Fetcher库多个缓冲区溢出漏洞
- CNNVD编号:CNNVD-200312-135
- 危害等级: 低危
- CVE编号: CVE-2003-1262
- 漏洞类型: 边界条件错误
- 发布时间: 2003-01-07
- 威胁类型: 远程
- 更新时间: 2006-01-19
- 厂 商: http_fetcher
- 漏洞来源: dong-h0un yoU※ xpl...
漏洞简介
HTTP Fetcher是一款可以从HTTP下载文件的小型库。 HTTP Fetcher在处理HTTP数据时缺少正确的边界缓冲区检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,以Fetcher进程权限在系统上执行任意指令。 由于http_fetch()函数用于拷贝各种HTTP数据,攻击者可以在各种用户提供参数中提交过多数据,就可以触发多个缓冲区溢出。成功利用此漏洞,可以导致攻击者攻击连接此库的应用程序,通过覆盖函数指令指针而执行任意指令。 注:要利用这个漏洞只有在客户端通过代理服务器远程访问服务条件下。如某一服务器允许一客户端从另外服务器上提交GET请求。
漏洞公告
临时解决方法: 如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* dong-h0un yoU [email protected]>提供了如下第三方补丁:
--- http_fetcher.c Tue Jul 31 03:47:15 2001
+++ http_fetcher.patch.c Thu Jan 2 22:24:48 2003
@@ -94,7 +94,7 @@
* request */
sprintf(requestBuf, "GET / %s\n", HTTP_VERSION);
else
- sprintf(requestBuf, "GET %s %s\n", charIndex, HTTP_VERSION);
+ snprintf(requestBuf, sizeof(requestBuf)/4-1,"GET %s %s\n", charIndex, HTTP_VERSION);
/* Null out the end of the hostname if need be */
if(charIndex != NULL)
@@ -102,13 +102,13 @@
/* Use Host: even though 1.0 doesn't specify it. Some servers
* won't play nice if we don't send Host, and it shouldn't hurt anything */
strcat(requestBuf, "Host: ");
- strcat(requestBuf, host);
+ strncat(requestBuf, host, sizeof(requestBuf)/4-1);
strcat(requestBuf, "\n");
if(!hideReferer && referer != NULL) /* NO default referer */
{
strcat(requestBuf, "Referer: ");
- strcat(requestBuf, referer);
+ strncat(requestBuf, referer, sizeof(requestBuf)/4-1);
strcat(requestBuf, "\n");
}
@@ -123,7 +123,7 @@
else if(!hideUserAgent)
{
strcat(requestBuf, "User-Agent: ");
- strcat(requestBuf, userAgent);
+ strncat(requestBuf, userAgent, sizeof(requestBuf)/4-1);
strcat(requestBuf, "\n");
}
=== eof === 厂商补丁: HTTP Fetcher ------------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://cs.nmu.edu/~lhanson/http_fetcher
参考网址
http://www.iss.net/security_center/static/11000.php※http://marc.theaimsgroup.com/?l=bugtraq&m=104195613529429&w=2※http://www.securityfocus.com/archive/1/305340※http://www.securityfocus.com/bid/6531※http://www.securityfocus.com/archive/1/305340※http://www.securityfocus.com/bid/6531※http://marc.theaimsgroup.com/?l=bugtraq&m=104187658217144&w=2※http://cs.nmu.edu/~lhanson/http_fetcher 来源:NSFOCUS 名称:4182 链接:http://www.nsfocus.net/vulndb/4182
受影响实体
- Http_fetcher Http_fetcher_library:1.0.1
- Http_fetcher Http_fetcher_library:1.0.0
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论