阿里云漏洞库

漏洞描述

Expat 2.0.1中libexpat中的lib / xmltok_impl.c中的updatePosition函数，如Python，PyXML，w3c-libwww和其他软件中所使用，允许依赖于上下文的攻击者通过具有精心设计的UTF-8序列的XML 文档，触发缓冲区过度读取，导致拒绝服务(应用程序崩溃)，这是一个与CVE-2009-2625不同的漏洞。

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13...
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html
http://marc.info/?l=bugtraq&m=130168502603566&w=2
http://secunia.com/advisories/37324
http://secunia.com/advisories/37537
http://secunia.com/advisories/37925
http://secunia.com/advisories/38050
http://secunia.com/advisories/38231
http://secunia.com/advisories/38794
http://secunia.com/advisories/38832
http://secunia.com/advisories/38834
http://secunia.com/advisories/39478
http://secunia.com/advisories/41701
http://secunia.com/advisories/42326
http://secunia.com/advisories/42338
http://secunia.com/advisories/43300
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackw...
http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=101...
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1
http://svn.python.org/view?view=rev&revision=74429
http://www.mandriva.com/security/advisories?name=MDVSA-2009:211
http://www.mandriva.com/security/advisories?name=MDVSA-2009:212
http://www.mandriva.com/security/advisories?name=MDVSA-2009:215
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
http://www.mandriva.com/security/advisories?name=MDVSA-2009:217
http://www.mandriva.com/security/advisories?name=MDVSA-2009:218
http://www.mandriva.com/security/advisories?name=MDVSA-2009:219
http://www.mandriva.com/security/advisories?name=MDVSA-2009:220
http://www.openwall.com/lists/oss-security/2009/08/21/2
http://www.openwall.com/lists/oss-security/2009/08/26/3
http://www.openwall.com/lists/oss-security/2009/08/26/4
http://www.openwall.com/lists/oss-security/2009/08/27/6
http://www.openwall.com/lists/oss-security/2009/09/06/1
http://www.openwall.com/lists/oss-security/2009/10/22/5
http://www.openwall.com/lists/oss-security/2009/10/22/9
http://www.openwall.com/lists/oss-security/2009/10/23/2
http://www.openwall.com/lists/oss-security/2009/10/23/6
http://www.openwall.com/lists/oss-security/2009/10/26/3
http://www.openwall.com/lists/oss-security/2009/10/28/3
http://www.redhat.com/support/errata/RHSA-2010-0002.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.securitytracker.com/id?1023160
http://www.ubuntu.com/usn/USN-890-1
http://www.ubuntu.com/usn/USN-890-6
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2010/0896
http://www.vupen.com/english/advisories/2010/1107
http://www.vupen.com/english/advisories/2010/3035
http://www.vupen.com/english/advisories/2010/3053
http://www.vupen.com/english/advisories/2010/3061
http://www.vupen.com/english/advisories/2011/0359
https://bugs.gentoo.org/show_bug.cgi?id=280615
https://bugzilla.redhat.com/show_bug.cgi?id=531697
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e0...
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc1...
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5...
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360...
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9...
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e8...
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8...
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef...
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86...
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb7...
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b...
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525...
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6...
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694...
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f...
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20...
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf...
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5e...
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5...
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d00...
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f...
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806ce...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	a_m_kuchling	pyxml	*	-
	运行在以下环境
	应用	james_clark	expat	2.0.1	-
	运行在以下环境
	应用	python	python	*	-
	运行在以下环境
	系统	centos_5	PyXML	*		Up to (excluding) 2.4.3-44.el5
	运行在以下环境
	系统	debian_10	audacity	*		Up to (excluding) 1.3.2-1
	运行在以下环境
	系统	debian_11	audacity	*		Up to (excluding) 1.3.2-1
	运行在以下环境
	系统	debian_12	audacity	*		Up to (excluding) 1.3.2-1
	运行在以下环境
	系统	debian_4.0	expat	*		Up to (excluding) 1.95.8-3.4+etch1
	运行在以下环境
	系统	debian_5.0	expat	*		Up to (excluding) 2.0.1-4+lenny1
	运行在以下环境
	系统	debian_9	cadaver	*		Up to (including) 0.23.3-2
	运行在以下环境
	系统	fedora_EPEL_5	udunits2-debuginfo	*		Up to (excluding) 2.1.19-1.el5.1
	运行在以下环境
	系统	oracle_5	oraclelinux-release	*		Up to (excluding) 2.4.3-44.el5
	运行在以下环境
	系统	redhat_5	python	*		Up to (excluding) 0:2.4.3-44.el5
	运行在以下环境
	系统	suse_12	apache2	*		Up to (excluding) 2.4.10-6
	运行在以下环境
	系统	ubuntu_12.04.5_lts	ayttm	*		Up to (excluding) 0.6.1-2
	运行在以下环境
	系统	ubuntu_14.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_14.04.6_lts	ayttm	*		Up to (excluding) 0.6.1-2
	运行在以下环境
	系统	ubuntu_16.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_16.04.7_lts	ayttm	*		Up to (excluding) 0.6.1-2
	运行在以下环境
	系统	ubuntu_18.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_18.04.5_lts	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_18.10	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_20.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_21.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_21.10	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_22.04	expat	*		Up to (excluding) 2.0.1-7ubuntu1
	运行在以下环境
	系统	ubuntu_22.10	expat	*		Up to (excluding) 2.0.1-7ubuntu1

攻击路径

远程
攻击复杂度

容易
权限要求

无需权限
影响范围

全局影响
EXP成熟度

未验证
补丁情况

没有补丁
数据保密性

无影响
数据完整性

无影响
服务器危害

DoS
全网数量

N/A

CWE-ID	漏洞类型
NVD-CWE-noinfo

中危 James Clark expat 2.0.1 lib/xmltok_impl.c updatePosition 拒绝服务漏洞

漏洞描述

解决建议

参考链接

受影响软件情况