Security Vulnerability
Perl Unicode "\Q...\E" Regular Expression Buffer Overflow Vulnerability

Published: 2008-04-24
Updated: 2008-04-25

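Affected systems:
Larry Wall Perl 5.8.8
Description:
BUGTRAQ ID: 28928
CVE(CAN) ID: CVE-2008-1927

Perl is a free and powerful programming language.

Perl has a flaw in its handling of malformed regular expressions. If user-supplied regular expression characters are contained in a variable protected by the "\Q...\E" construct, the Perl interpreter may overflow a buffer while compiling the regular expression, resulting in a denial of service.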

<*Source: Don Armstrong
  
  Links: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
         http://www.nntp.perl.org/group/perl.perl5.porters/2008/04/msg135902.html
         http://www.debian.org/security/2008/dsa-1556
         https://www.redhat.com/support/errata/RHSA-2008-0532.html
         https://www.redhat.com/support/errata/RHSA-2008-0522.html
*>

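Test method:

Warning

The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use it at your own risk!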

http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=test.pl;att=2;bug=454792

Recommendation:
Vendor patches:

Debian
------
Debian has released a security advisory (DSA-1556-2) and corresponding patches for this issue:
DSA-1556-2: New perl packages fix denial of service
Link: http://www.debian.org/security/2008/dsa-1556

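Patch downloads: the fixed packages are version 5.8.8-7etch3; file locations and checksums are given in the advisory linked above.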

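Patch installation:

1. Install the patch packages manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch packages automatically with apt-get:

   First, update the local package database with the following command:
   # apt-get update
  
   Then install the updated packages with the following command:
   # apt-get upgrade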

RedHat
------
RedHat has released a security advisory (RHSA-2008:0532-01) and corresponding patches for this issue:
RHSA-2008:0532-01: Important: perl security update
Link: https://www.redhat.com/support/errata/RHSA-2008-0532.html

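This security vulnerability entry was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.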