Details of VAR-200504-0129

ID

VAR-200504-0129

TITLE

Multiple Debugger Malicious Code Execution Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2005-0831

DESCRIPTION

Microsoft Visual C++, Microsoft WinDbg, and OllyDbg are very popular debuggers. An access validation vulnerability exists in the implementation of these debuggers, which allows the user of the debugger to execute arbitrary code on the host. The cause is that the affected application cannot ensure that the code being checked is running in a restricted environment. If a non-armed user attempts to debug an attacker-provided executable, the malicious code in the containing library is run in an uncontrolled manner in the debugger's environment. This vulnerability allows a remote attacker to execute arbitrary code in an environment that is affected by the debugger. Due to the security nature expected of the debugger, even very careful users can suffer. Other debuggers are also likely affected, as the underlying operating system design makes it very difficult to avoid this vulnerability

Trust: 0.81

sources: CNVD: CNVD-2005-0831 // BID: 13104

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2005-0831

AFFECTED PRODUCTS

vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	ollydbg	model:	ollydbg	scope:	eq	version:	1.10	Trust: 0.3
vendor:	ollydbg	model:	ollydbg	scope:	eq	version:	1.09	Trust: 0.3
vendor:	ollydbg	model:	8b	scope:	eq	version:	1.0	Trust: 0.3
vendor:	ollydbg	model:	ollydbg	scope:	eq	version:	1.06	Trust: 0.3
vendor:	microsoft	model:	windbg	scope:	-	version:	-	Trust: 0.3
vendor:	microsoft	model:	visual c++	scope:	eq	version:	7.0	Trust: 0.3
vendor:	microsoft	model:	visual c++ sp5	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++ sp4	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++ sp3	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++ sp2	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++ sp1	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	visual c++	scope:	eq	version:	4.0	Trust: 0.3

sources: CNVD: CNVD-2005-0831 // BID: 13104

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2005-0831
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2005-0831
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2005-0831

THREAT TYPE

network

Trust: 0.3

sources: BID: 13104

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 13104

EXTERNAL IDS

db:	BID	id:	13104	Trust: 0.9
db:	CNVD	id:	CNVD-2005-0831	Trust: 0.6

sources: CNVD: CNVD-2005-0831 // BID: 13104

REFERENCES

url:	http://www.security-assessment.com/whitepapers/predebug.pdf	Trust: 0.3
url:	http://www.microsoft.com/whdc/devtools/debugging/default.mspx	Trust: 0.3
url:	http://home.t-online.de/home/ollydbg/	Trust: 0.3
url:	/archive/1/395520	Trust: 0.3

sources: BID: 13104

CREDITS

"Brett Moore" <brett.moore@security-assessment.com> is credited with the disclosure of this vulnerability.

Trust: 0.3

sources: BID: 13104

SOURCES

db:	CNVD	id:	CNVD-2005-0831
db:	BID	id:	13104

LAST UPDATE DATE

2022-05-17T02:09:30.767000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2005-0831	date:	2014-01-23T00:00:00
db:	BID	id:	13104	date:	2005-04-11T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2005-0831	date:	2005-04-12T00:00:00
db:	BID	id:	13104	date:	2005-04-11T00:00:00