论坛: 黑客进阶 标题: Mailman远程拒绝服务攻击漏洞 复制本贴地址    
作者: hongliubo1 [hongliubo1]    论坛用户   登录
GNU, Mailman, 1.0GNU, Mailman, 1.1GNU, Mailman, 2.0 beta5GNU, Mailman, 2.0 beta4GNU, Mailman, 2.0 beta3GNU, Mailman, 2.0 .8GNU, Mailman, 2.0 .7GNU, Mailman, 2.0 .6GNU, Mailman, 2.0 .5GNU, Mailman, 2.0 .3GNU, Mailman, 2.0 .2GNU, Mailman, 2.0 .1GNU, Mailman, 2.0GNU, Mailman, 2.0.1GNU, Mailman, 2.0.2GNU, Mailman, 2.0.3GNU, Mailman, 2.0.4GNU, Mailman, 2.0.4GNU, Mailman, 2.0.5GNU, Mailman, 2.0.6GNU, Mailman, 2.0.7GNU, Mailman, 2.0.8GNU, Mailman, 2.0.9GNU, Mailman, 2.0.10GNU, Mailman, 2.0.11GNU, Mailman, 2.0.12GNU, Mailman, 2.0.13GNU, Mailman, 2.1SGI, ProPack, 2.3

漏洞描述:


--------------------------------------------------------------------------------
Mailman 2.0.14之前的版本中存在安全问题,通过构建畸形的e_mail命令,远程攻击者可以进行拒绝服务攻击(引起系统崩溃),这个漏洞目前还没有更详细的信息。

参考资源一:


--------------------------------------------------------------------------------
Source: Python.orgType: Generaland PatchName: Mailman 2.0.14 patch-only releasehttp://mail.python.org/pipermail/mailman-announce/2004-February/000067.html

参考资源二:


--------------------------------------------------------------------------------
Source: Debian.orgType: Generaland PatchName: mailman -- several vulnerabilitieshttp://www.debian.org/security/2004/dsa-436

参考资源三:


--------------------------------------------------------------------------------
Source: Red HatType: Generaland PatchName: Updated mailman packages close DoS vulnerabilityhttp://www.redhat.com/support/errata/RHSA-2004-019.html

地主 发表时间: 05-01-15 15:24

论坛: 黑客进阶

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号