Multiple Vendor XML Parser Remote Denial of Service Vulnerability

Published: 2002-12-16
Updated: 2002-12-24

Affected systems:
IBM Websphere Application Server 4.0.3
IBM Websphere Application Server 3.5.3
IBM Websphere Application Server 3.5.2
IBM Websphere Application Server 3.5.1
IBM Websphere Application Server 3.5
IBM Websphere Application Server 3.0.2.4
IBM Websphere Application Server 3.0.2.3
IBM Websphere Application Server 3.0.2.2
IBM Websphere Application Server 3.0.2.1
IBM Websphere Application Server 3.0.2
IBM Websphere Application Server 3.0
Sybase Enterprise Application Server 4.1.3
Sybase Enterprise Application Server 4.1.2
Sybase Enterprise Application Server 4.1.1
Sybase Enterprise Application Server 4.1
Sun ONE Web Server 6.0 SP4
Sun ONE Web Server 6.0 SP3
Sun ONE Web Server 6.0 SP2
Sun ONE Web Server 6.0 SP1
Sun ONE Web Server 6.0
Sun ONE Web Server 4.1 SP11
Sun ONE Web Server 4.1 SP10
Sun ONE Web Server 4.1
Apache Software Foundation Axis 1.1 beta
Apache Software Foundation Axis 1.0
Apache Software Foundation Xerces C++ 2.1.0
Apache Software Foundation Xerces Perl 1.7.0-1
Apache Software Foundation Xerces2 Java Parser 2.2.1
Apache Software Foundation Xerces2 Java Parser 2.2.0
Apache Software Foundation Xerces2 Java Parser 2.1.0
Apache Software Foundation Xerces2 Java Parser 2.0.2
The Expat Developers Expat 1.95.4
The Expat Developers Expat 1.95.2
The Expat Developers Expat 1.95.1
IBM Websphere Application Server 2.0
    - IBM AIX 4.3
    - Linux kernel 2.3
    - Microsoft Windows NT 4.0
    - Novell NetWare 5.0
    - Sun Solaris 8.0
Description:
BUGTRAQ  ID: 6398

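Products from multiple vendors include the Crimson or Xerces XML parser.

The Crimson and Xerces XML parsers mishandle the DTD portion of an XML document. A remote attacker can exploit this by sending a specially crafted message for the XML parser to parse, causing a denial of service.

When an attacker sends a specially crafted message to the SOAP interface of vulnerable software, the XML parser (Crimson or Xerces) that processes it enters an infinite loop, consuming 100% of the CPU and a large amount of memory, and the system stops responding to legitimate requests.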

<*Source: Amit Klein (Amit.Klein@SanctumInc.com)
  
  Links: http://marc.theaimsgroup.com/?l=bugtraq&m=104005871814324&w=2
        http://my.sybase.com/detail?id=1022856
        http://www.macromedia.com/v1/handlers/index.cfm?ID=23559
        http://dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=c
*>

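Recommendations:
Workaround:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* Disable DTD processing in the XML parser.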
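
One way to apply this workaround in a Java SOAP endpoint, shown as an added example that is not code from NSFOCUS or any of the vendors listed here. It assumes a JAXP parser that recognises the Xerces `disallow-doctype-decl` feature; the class and method names are hypothetical and the sample messages are constructed.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public class NoDtdSoapParser {  // hypothetical class name
    // Xerces feature id: when true, any <!DOCTYPE ...> declaration is a fatal
    // error, so the parser never processes a DTD at all.
    static final String DISALLOW_DOCTYPE =
            "http://apache.org/xml/features/disallow-doctype-decl";

    static DocumentBuilder newBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true); // SOAP envelopes rely on namespaces
        // Throws ParserConfigurationException when the parser does not know
        // the feature, so an unprotected parser is never handed out silently.
        factory.setFeature(DISALLOW_DOCTYPE, true);
        return factory.newDocumentBuilder();
    }

    // Returns true if the message parsed, false if the parser rejected it.
    static boolean accepts(String xml) throws Exception {
        try {
            newBuilder().parse(new InputSource(new StringReader(xml)));
            return true;
        } catch (SAXException e) {
            System.out.println("rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample messages. The DTD below is benign and is there
        // only to show that a DOCTYPE is refused before it is processed.
        String envelope =
                "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">"
                + "<soap:Body><ping/></soap:Body></soap:Envelope>";
        String withDtd = "<!DOCTYPE Envelope [ <!ELEMENT Envelope ANY> ]>" + envelope;

        System.out.println("plain envelope accepted: " + accepts(envelope));
        System.out.println("envelope with DOCTYPE accepted: " + accepts(withDtd));
    }
}
```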

Vendor patches:

BEA Systems
-----------
BEA Systems has released a security advisory (BEA02-23.01) and corresponding patches for this issue:
BEA02-23.01:Patch available to prevent DOS attack through XML parsing
Link: http://dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=c

Patch downloads:

BEA Systems WebLogic Integration 2.1:

BEA Systems Patch CR091862_610sp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp3.jar

Affected users must first upgrade to BEA WebLogic Server 6.1 Service Pack 3 and then install this patch.

BEA Systems Weblogic Server 6.0 SP 2:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems WebLogic Express 6.0 SP 2:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems Weblogic Server 6.0 SP 1:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems WebLogic Express 6.0 SP 1:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems Weblogic Server 6.0:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems WebLogic Express 6.0:

BEA Systems Patch CR091862_600sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_600sp2rp3.jar

Affected users must first upgrade to WebLogic Server 6.0 Service Pack 2 Rolling Patch 3 and then install this patch.

BEA Systems WebLogic Express 6.1 SP 3:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems Weblogic Server 6.1 SP 3:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems Weblogic Server 6.1 SP 2:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems WebLogic Express 6.1 SP 2:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems WebLogic Express 6.1 SP 1:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems Weblogic Server 6.1 SP 1:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems Weblogic Server 6.1:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems WebLogic Express 6.1:

BEA Systems Upgrade CR091862_610sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_610sp4.jar

Affected users must first upgrade to WebLogic Server 6.1 Service Pack 4 and then install this patch.

BEA Systems WebLogic Express 7.0 .0.1:
BEA Systems Weblogic Server 7.0 .0.1:

BEA Systems Patch CR091862_700sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_700sp1.jar

Affected users must first upgrade to WebLogic Server 7.0 Service Pack 1 and then install this patch.

BEA Systems Weblogic Server 7.0 SP 1:

BEA Systems Patch CR091862_700sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_700sp1.jar

Affected users must first upgrade to WebLogic Server 7.0 Service Pack 1 and then install this patch.

BEA Systems WebLogic Express 7.0 SP 1:
BEA Systems WebLogic Integration 7.0:

BEA Systems Patch CR091862_700sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_700sp1.jar

Affected users must first upgrade to WebLogic Server 7.0 Service Pack 1 and then install this patch.

BEA Systems Weblogic Server 7.0:

BEA Systems Patch CR091862_700sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR091862_700sp1.jar

Affected users must first upgrade to WebLogic Server 7.0 Service Pack 1 and then install this patch.

Macromedia
----------
Macromedia has released a security advisory (MPSB02-14) and corresponding patches for this issue:
MPSB02-14:Patch available for web services denial-of-service vulnerability in JRun 4.0 and ColdFusion MX
Link: http://www.macromedia.com/v1/handlers/index.cfm?ID=23559

Patch downloads:

Macromedia patch for ColdFusion MX (All Editions):

http://download.macromedia.com/pub/security/coldfusion/60/MPSB02-14_CFMX.zip

Macromedia patch for JRun 4.0 (All Editions):

http://download.macromedia.com/pub/security/jrun/40/MPSB02-14_JRun.zip

Sybase
------
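The vendor has released upgrade patches that fix this security issue; download them from the vendor's home page:

Sybase has released the following EBFs to fix this vulnerability: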

EAServer 4.1 Windows EBF # 10843
EAServer 4.1 Solaris EBF # 10844
EAServer 4.1 HP-UX EBF # 10848
EAServer 4.1 AIX EBF # 10849
EAServer 4.1.1 Windows EBF # 10840
EAServer 4.1.1 Solaris EBF # 10845
EAServer 4.1.2 Windows EBF # 10841
EAServer 4.1.2 Solaris EBF # 10846
EAServer 4.1.3 Windows EBF # 10842
EAServer 4.1.3 Solaris EBF # 10847

These EBFs are available from the customer service and web support site:

http://support.sybase.com

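This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.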