Vulnerability Bulletins


Remote code execution in Mozilla

Vulnerability classification

Property                 Value
Confidence level         official+tested
Impact                   Obtain access
Difficulty               Beginner
Attacker requirements    Remote access, without an account, to an exotic service

System information

Property             Value
Affected vendor      GNU/Linux
Affected software    Mozilla <= 1.7.3

Description

A vulnerability has been discovered in Mozilla's handling of the NNTP protocol code.
The vulnerability, a buffer overflow, could allow an attacker to execute arbitrary code on a client machine by means of a specially crafted URL.

Solution

Software update

Mozilla
Update Mozilla to version 1.7.5
http://www.mozilla.org/releases/

Red Hat Linux

Red Hat Desktop (v. 3) / SRPMS:
mozilla-1.4.3-3.0.7.src.rpm

Red Hat Desktop (v. 3) / IA-32:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-chat-1.4.3-3.0.7.i386.rpm
mozilla-devel-1.4.3-3.0.7.i386.rpm
mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm
mozilla-js-debugger-1.4.3-3.0.7.i386.rpm
mozilla-mail-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-devel-1.4.3-3.0.7.i386.rpm

Red Hat Desktop (v. 3) / x86_64:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-1.4.3-3.0.7.x86_64.rpm
mozilla-chat-1.4.3-3.0.7.x86_64.rpm
mozilla-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm
mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm
mozilla-mail-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm

Red Hat Enterprise Linux AS (v. 2.1) / SRPMS:
mozilla-1.4.3-2.1.5.src.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-32:
mozilla-1.4.3-2.1.5.i386.rpm
mozilla-chat-1.4.3-2.1.5.i386.rpm
mozilla-devel-1.4.3-2.1.5.i386.rpm
mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm
mozilla-js-debugger-1.4.3-2.1.5.i386.rpm
mozilla-mail-1.4.3-2.1.5.i386.rpm
mozilla-nspr-1.4.3-2.1.5.i386.rpm
mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm
mozilla-nss-1.4.3-2.1.5.i386.rpm
mozilla-nss-devel-1.4.3-2.1.5.i386.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-64:
mozilla-1.4.3-2.1.5.ia64.rpm
mozilla-chat-1.4.3-2.1.5.ia64.rpm
mozilla-devel-1.4.3-2.1.5.ia64.rpm
mozilla-dom-inspector-1.4.3-2.1.5.ia64.rpm
mozilla-js-debugger-1.4.3-2.1.5.ia64.rpm
mozilla-mail-1.4.3-2.1.5.ia64.rpm
mozilla-nspr-1.4.3-2.1.5.ia64.rpm
mozilla-nspr-devel-1.4.3-2.1.5.ia64.rpm
mozilla-nss-1.4.3-2.1.5.ia64.rpm
mozilla-nss-devel-1.4.3-2.1.5.ia64.rpm

Red Hat Enterprise Linux AS (v. 3) / SRPMS:
mozilla-1.4.3-3.0.7.src.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-32:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-chat-1.4.3-3.0.7.i386.rpm
mozilla-devel-1.4.3-3.0.7.i386.rpm
mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm
mozilla-js-debugger-1.4.3-3.0.7.i386.rpm
mozilla-mail-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-devel-1.4.3-3.0.7.i386.rpm

Red Hat Enterprise Linux AS (v. 3) / IA-64:
mozilla-1.4.3-3.0.7.ia64.rpm
mozilla-chat-1.4.3-3.0.7.ia64.rpm
mozilla-devel-1.4.3-3.0.7.ia64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm
mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm
mozilla-mail-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.ia64.rpm
mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm

Red Hat Enterprise Linux AS (v. 3) / PPC:
mozilla-1.4.3-3.0.7.ppc.rpm
mozilla-chat-1.4.3-3.0.7.ppc.rpm
mozilla-devel-1.4.3-3.0.7.ppc.rpm
mozilla-dom-inspector-1.4.3-3.0.7.ppc.rpm
mozilla-js-debugger-1.4.3-3.0.7.ppc.rpm
mozilla-mail-1.4.3-3.0.7.ppc.rpm
mozilla-nspr-1.4.3-3.0.7.ppc.rpm
mozilla-nspr-devel-1.4.3-3.0.7.ppc.rpm
mozilla-nss-1.4.3-3.0.7.ppc.rpm
mozilla-nss-devel-1.4.3-3.0.7.ppc.rpm

Red Hat Enterprise Linux AS (v. 3) / s390:
mozilla-1.4.3-3.0.7.s390.rpm
mozilla-chat-1.4.3-3.0.7.s390.rpm
mozilla-devel-1.4.3-3.0.7.s390.rpm
mozilla-dom-inspector-1.4.3-3.0.7.s390.rpm
mozilla-js-debugger-1.4.3-3.0.7.s390.rpm
mozilla-mail-1.4.3-3.0.7.s390.rpm
mozilla-nspr-1.4.3-3.0.7.s390.rpm
mozilla-nspr-devel-1.4.3-3.0.7.s390.rpm
mozilla-nss-1.4.3-3.0.7.s390.rpm
mozilla-nss-devel-1.4.3-3.0.7.s390.rpm

Red Hat Enterprise Linux AS (v. 3) / s390x:
mozilla-1.4.3-3.0.7.s390x.rpm
mozilla-chat-1.4.3-3.0.7.s390x.rpm
mozilla-devel-1.4.3-3.0.7.s390x.rpm
mozilla-dom-inspector-1.4.3-3.0.7.s390x.rpm
mozilla-js-debugger-1.4.3-3.0.7.s390x.rpm
mozilla-mail-1.4.3-3.0.7.s390x.rpm
mozilla-nspr-1.4.3-3.0.7.s390.rpm
mozilla-nspr-1.4.3-3.0.7.s390x.rpm
mozilla-nspr-devel-1.4.3-3.0.7.s390x.rpm
mozilla-nss-1.4.3-3.0.7.s390.rpm
mozilla-nss-1.4.3-3.0.7.s390x.rpm
mozilla-nss-devel-1.4.3-3.0.7.s390x.rpm

Red Hat Enterprise Linux AS (v. 3) / x86_64:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-1.4.3-3.0.7.x86_64.rpm
mozilla-chat-1.4.3-3.0.7.x86_64.rpm
mozilla-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm
mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm
mozilla-mail-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm

Red Hat Enterprise Linux ES (v. 2.1) / SRPMS:
mozilla-1.4.3-2.1.5.src.rpm

Red Hat Enterprise Linux ES (v. 2.1) / IA-32:
mozilla-1.4.3-2.1.5.i386.rpm
mozilla-chat-1.4.3-2.1.5.i386.rpm
mozilla-devel-1.4.3-2.1.5.i386.rpm
mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm
mozilla-js-debugger-1.4.3-2.1.5.i386.rpm
mozilla-mail-1.4.3-2.1.5.i386.rpm
mozilla-nspr-1.4.3-2.1.5.i386.rpm
mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm
mozilla-nss-1.4.3-2.1.5.i386.rpm
mozilla-nss-devel-1.4.3-2.1.5.i386.rpm

Red Hat Enterprise Linux ES (v. 3) / SRPMS:
mozilla-1.4.3-3.0.7.src.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-32:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-chat-1.4.3-3.0.7.i386.rpm
mozilla-devel-1.4.3-3.0.7.i386.rpm
mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm
mozilla-js-debugger-1.4.3-3.0.7.i386.rpm
mozilla-mail-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-devel-1.4.3-3.0.7.i386.rpm

Red Hat Enterprise Linux ES (v. 3) / IA-64:
mozilla-1.4.3-3.0.7.ia64.rpm
mozilla-chat-1.4.3-3.0.7.ia64.rpm
mozilla-devel-1.4.3-3.0.7.ia64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm
mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm
mozilla-mail-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.ia64.rpm
mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm

Red Hat Enterprise Linux ES (v. 3) / x86_64:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-1.4.3-3.0.7.x86_64.rpm
mozilla-chat-1.4.3-3.0.7.x86_64.rpm
mozilla-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm
mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm
mozilla-mail-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm

Red Hat Enterprise Linux WS (v. 2.1) / SRPMS:
mozilla-1.4.3-2.1.5.src.rpm

Red Hat Enterprise Linux WS (v. 2.1) / IA-32:
mozilla-1.4.3-2.1.5.i386.rpm
mozilla-chat-1.4.3-2.1.5.i386.rpm
mozilla-devel-1.4.3-2.1.5.i386.rpm
mozilla-dom-inspector-1.4.3-2.1.5.i386.rpm
mozilla-js-debugger-1.4.3-2.1.5.i386.rpm
mozilla-mail-1.4.3-2.1.5.i386.rpm
mozilla-nspr-1.4.3-2.1.5.i386.rpm
mozilla-nspr-devel-1.4.3-2.1.5.i386.rpm
mozilla-nss-1.4.3-2.1.5.i386.rpm
mozilla-nss-devel-1.4.3-2.1.5.i386.rpm

Red Hat Enterprise Linux WS (v. 3) / SRPMS:
mozilla-1.4.3-3.0.7.src.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-32:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-chat-1.4.3-3.0.7.i386.rpm
mozilla-devel-1.4.3-3.0.7.i386.rpm
mozilla-dom-inspector-1.4.3-3.0.7.i386.rpm
mozilla-js-debugger-1.4.3-3.0.7.i386.rpm
mozilla-mail-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-devel-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-devel-1.4.3-3.0.7.i386.rpm

Red Hat Enterprise Linux WS (v. 3) / IA-64:
mozilla-1.4.3-3.0.7.ia64.rpm
mozilla-chat-1.4.3-3.0.7.ia64.rpm
mozilla-devel-1.4.3-3.0.7.ia64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.ia64.rpm
mozilla-js-debugger-1.4.3-3.0.7.ia64.rpm
mozilla-mail-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.ia64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.ia64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.ia64.rpm
mozilla-nss-devel-1.4.3-3.0.7.ia64.rpm

Red Hat Enterprise Linux WS (v. 3) / x86_64:
mozilla-1.4.3-3.0.7.i386.rpm
mozilla-1.4.3-3.0.7.x86_64.rpm
mozilla-chat-1.4.3-3.0.7.x86_64.rpm
mozilla-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-dom-inspector-1.4.3-3.0.7.x86_64.rpm
mozilla-js-debugger-1.4.3-3.0.7.x86_64.rpm
mozilla-mail-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-1.4.3-3.0.7.i386.rpm
mozilla-nspr-1.4.3-3.0.7.x86_64.rpm
mozilla-nspr-devel-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-1.4.3-3.0.7.i386.rpm
mozilla-nss-1.4.3-3.0.7.x86_64.rpm
mozilla-nss-devel-1.4.3-3.0.7.x86_64.rpm

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / SRPMS:
mozilla-1.4.3-2.1.5.src.rpm

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor / IA-64:
mozilla-1.4.3-2.1.5.ia64.rpm
mozilla-chat-1.4.3-2.1.5.ia64.rpm
mozilla-devel-1.4.3-2.1.5.ia64.rpm
mozilla-dom-inspector-1.4.3-2.1.5.ia64.rpm
mozilla-js-debugger-1.4.3-2.1.5.ia64.rpm
mozilla-mail-1.4.3-2.1.5.ia64.rpm
mozilla-nspr-1.4.3-2.1.5.ia64.rpm
mozilla-nspr-devel-1.4.3-2.1.5.ia64.rpm
mozilla-nss-1.4.3-2.1.5.ia64.rpm
mozilla-nss-devel-1.4.3-2.1.5.ia64.rpm
https://rhn.redhat.com/

Hewlett-Packard
HP PA-RISC 11.0 / Mozilla 1.7.8.00
HP PA-RISC 11i v1 (11.11) / Mozilla 1.7.8.00
HP PA-RISC 11i v2 (11.23) / Mozilla 1.7.8.00
HP Integrity 11.22 (11i v1.6) / Mozilla 1.7.8.00
HP-UX 11.23 (11i v2) / Mozilla 1.7.8.00
http://www.hp.com/products1/unix/java/mozilla/index.html
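As an added example, not part of the bulletin or of any vendor tooling, the following Python script checks an installed Mozilla version or a list of Red Hat package NVRs against the fixed levels listed above (upstream 1.7.5; 1.4.3-3.0.7 for Red Hat Enterprise Linux 3 and Desktop 3; 1.4.3-2.1.5 for Enterprise Linux 2.1 and Advanced Workstation 2.1). The version comparison is a simplified reimplementation of rpm's rpmvercmp, and the channel names "rhel3" and "rhel2.1" are labels chosen here.

```python
import re

# Fixed levels taken from the bulletin: upstream Mozilla 1.7.5, Red Hat
# 1.4.3-3.0.7 (RHEL 3 / Desktop 3) and 1.4.3-2.1.5 (RHEL 2.1 / AW 2.1).
# The channel keys are labels chosen for this example.
FIXED = {
    "upstream": ("1.7.5", None),
    "rhel3": ("1.4.3", "3.0.7"),
    "rhel2.1": ("1.4.3", "2.1.5"),
}

def _segments(s):
    """Split a version string into numeric and alphabetic runs, as rpm does."""
    return re.findall(r"\d+|[A-Za-z]+", s)

def vercmp(a, b):
    """Simplified rpmvercmp returning -1, 0 or 1: numeric segments compare as
    integers (1.7.10 > 1.7.5), numeric beats alphabetic, more segments wins a tie."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        xn, yn = x.isdigit(), y.isdigit()
        if xn and yn:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif xn != yn:
            return 1 if xn else -1
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def parse_nvr(pkg):
    """'mozilla-mail-1.4.3-3.0.7.i386.rpm' -> ('mozilla-mail', '1.4.3', '3.0.7')."""
    base = re.sub(r"\.(src|i386|x86_64|ia64|ppc|s390x?)\.rpm$", "", pkg)
    name, version, release = base.rsplit("-", 2)
    return name, version, release

def is_fixed(version, release, fixed_version, fixed_release=None):
    """True when (version, release) is at or above the fixed level."""
    c = vercmp(version, fixed_version)
    if c != 0:
        return c > 0
    return fixed_release is None or vercmp(release, fixed_release) >= 0

def outdated_packages(installed, channel):
    """mozilla-* package NVRs (e.g. from `rpm -qa`) still below the fix for
    channel 'rhel3' or 'rhel2.1'."""
    fv, fr = FIXED[channel]
    return [p for p in installed
            if parse_nvr(p)[0].startswith("mozilla")
            and not is_fixed(*parse_nvr(p)[1:], fv, fr)]
```

Feed `outdated_packages` the output of `rpm -qa 'mozilla*'` for the matching channel; an empty list means every Mozilla package on the host is at or above the erratum level.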

Standard identifiers

Property    Value
CVE         CAN-2004-1316
BID

Additional resources

BUGTRAQ ARCHIVE 385709
http://www.securityfocus.com/archive/1/385709/2004-12-26/2005-01-01/0

Bugzilla Bug 264388
https://bugzilla.mozilla.org/show_bug.cgi?id=264388

Red Hat Linux Security advisory RHSA-2005:038-05
https://rhn.redhat.com/errata/RHSA-2005-038.html

HP SECURITY BULLETIN HPSBTU01114
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01114

HP SECURITY BULLETIN SSRT5940
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01133

Version history

Version    Comment                                                                    Date
1.0        Advisory issued                                                            2004-12-31
2.0        Public exploit available                                                   2005-01-03
2.1        CAN reference added. Advisory issued by Red Hat Linux (RHSA-2005:038-05)   2005-01-14
2.2        Advisory issued by HP (HPSBTU01114)                                        2005-02-07
2.3        Advisory issued by HP (HPSBUX01133)                                        2005-04-20
2.4        Advisory updated by HP (SSRT5940)                                          2005-10-11

Members of

Ministerio de Defensa
CNI
CCN
CCN-CERT