Red Hat Linux GNU Mailman远程拒绝服务漏洞
发布日期:2004-04-14
更新日期:2004-04-20
受影响系统:GNU Mailman 2.0.13
- RedHat Enterprise Linux WS 2.1
- RedHat Enterprise Linux ES 2.1
- RedHat Enterprise Linux AS 2.1
描述:
BUGTRAQ ID:
10147
CVE(CAN) ID:
CVE-2004-0182
RedHat Mailman是由Python开发的共享软件,利用它可以管理邮件列表。
RedHat Mailman对部分畸形消息处理不正确,远程攻击者可以利用这个漏洞对服务程序进行拒绝服务攻击。
如果邮件列表中包含空的Subject字段,接收到此类EMAIL时可造成Mailman崩溃。
<*来源:Red Hat Security Advisory
链接:
http://rhn.redhat.com/errata/RHSA-2004-156.html
*>
建议:
厂商补丁:
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2004:156-07)以及相应补丁:
RHSA-2004:156-07:Updated mailman package closes DoS vulnerability
链接:
http://rhn.redhat.com/errata/RHSA-2004-156.html
Redhat系统可使用Red Hat Update Agent (up2date)工具进行升级:
Red Hat Enterprise Linux AS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
mailman-2.0.13-6.src.rpm a3e21d6a121d92d2efcef4076faa0e16
i386:
mailman-2.0.13-6.i386.rpm 74f69c7c5af328c581d053502e6b2465
ia64:
mailman-2.0.13-6.ia64.rpm 027475a9d95a44f8a8c263f30b854902
Red Hat Enterprise Linux ES (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
mailman-2.0.13-6.src.rpm a3e21d6a121d92d2efcef4076faa0e16
i386:
mailman-2.0.13-6.i386.rpm 74f69c7c5af328c581d053502e6b2465
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
--------------------------------------------------------------------------------
SRPMS:
mailman-2.0.13-6.src.rpm a3e21d6a121d92d2efcef4076faa0e16
ia64:
mailman-2.0.13-6.ia64.rpm 027475a9d95a44f8a8c263f30b854902
浏览次数:3066
严重程度:0(网友投票)