Foundstone FScan处理旗帜获取功能上存在格式字符串漏洞

发布时间：2002-04-23
更新时间：2002-04-23
严重程度：高
威胁程度：普通用户访问权限
错误类型：输入验证错误
利用方式：服务器模式

BUGTRAQ ID：4549

受影响系统

Foundstone FScan 1.12
   - Microsoft Windows 2000 Advanced Server
   - Microsoft Windows 2000 Advanced Server SP1
   - Microsoft Windows 2000 Advanced Server SP2
   - Microsoft Windows 2000 Datacenter Server
   - Microsoft Windows 2000 Datacenter Server SP1
   - Microsoft Windows 2000 Datacenter Server SP2
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 2000 Server
   - Microsoft Windows 2000 Server SP1
   - Microsoft Windows 2000 Server SP2
   - Microsoft Windows 2000 Terminal Services
   - Microsoft Windows 2000 Terminal Services SP1
   - Microsoft Windows 2000 Terminal Services SP2
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT Enterprise Server 4.0
   - Microsoft Windows NT Enterprise Server 4.0 SP1
   - Microsoft Windows NT Enterprise Server 4.0 SP2
   - Microsoft Windows NT Enterprise Server 4.0 SP3
   - Microsoft Windows NT Enterprise Server 4.0 SP4
   - Microsoft Windows NT Enterprise Server 4.0 SP5
   - Microsoft Windows NT Enterprise Server 4.0 SP6
   - Microsoft Windows NT Enterprise Server 4.0 SP6a
   - Microsoft Windows NT Server 4.0
   - Microsoft Windows NT Server 4.0 SP1
   - Microsoft Windows NT Server 4.0 SP2
   - Microsoft Windows NT Server 4.0 SP3
   - Microsoft Windows NT Server 4.0 SP4
   - Microsoft Windows NT Server 4.0 SP5
   - Microsoft Windows NT Server 4.0 SP6
   - Microsoft Windows NT Server 4.0 SP6a
   - Microsoft Windows NT Terminal Server 4.0
   - Microsoft Windows NT Terminal Server 4.0 SP1
   - Microsoft Windows NT Terminal Server 4.0 SP2
   - Microsoft Windows NT Terminal Server 4.0 SP3
   - Microsoft Windows NT Terminal Server 4.0 SP4
   - Microsoft Windows NT Terminal Server 4.0 SP5
   - Microsoft Windows NT Terminal Server 4.0 SP6
   - Microsoft Windows NT Terminal Server 4.0 SP6a
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a

详细描述
FScan是FOUNDSTONE开发的网络扫描工具。

其中由于FScan在处理扫描主机提供的旗帜数据时存在漏洞，直接把旗帜数据以格式字符串提送给FSCAN，如果主机提供的数据包含格式字符串就可以导致执行代码以FSCAN进程在扫描主机上执行。

测试代码
尚无

解决方案
升级程序：

Foundstone FScan 1.12:

Foundstone Upgrade fscan114.zip
http://www.foundstone.com/knowledge/zips/fscan114.zip

相关信息
Peter Gründl <pgrundl@kpmg.dk>.
参考：http://online.securityfocus.com/archive/1/268581
相关主页：http://www.foundstone.com/knowledge/proddesc/fscan.html

最近严重漏洞

Foundstone FScan处理旗帜获取功能上存在格式字符串漏洞