首页 -> 安全研究
安全研究
安全漏洞
Solaris漏洞威胁Cisco Media Gateway Controller的安全
发布日期:2002-01-16
更新日期:2002-01-17
受影响系统:
Cisco Billing and Management Server描述:
- Sun Solaris 2.6
Cisco PGW 2200
- Sun Solaris 2.6
Cisco SC2200
- Sun Solaris 2.6
Cisco VSC3000
- Sun Solaris 2.6
BUGTRAQ ID: 3897
CVE(CAN) ID: CVE-2002-2037
Cisco Media Gateway Controller (MGC)是基于Solaris 2.6操作系统的产品。
Solaris缺省安装后存在几个安全漏洞,而这些漏洞可能会被攻击者远程利用来入侵此设备。
Cisco已经给MGC系统制作了补丁修复Solaris的漏洞。
<*来源:Cisco PSIRT (psirt@cisco.com)
链接:http://www.cisco.com/warp/public/707/Solaris-for-MGC-pub.shtml
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 关闭不必要的远程服务,限制不可信用户访问Cisco Media Gateway Controller
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(Cisco-Solaris-for-MGC-pub)以及相应补丁:
Cisco-Solaris-for-MGC-pub:Hardening of Solaris OS for MGC
链接:http://www.cisco.com/warp/public/707/Solaris-for-MGC-pub.shtml
相应的补丁:
+-----------------------+-----------------------+--------------------+
|SC2200 |All release up to and |MGCSOL-h007.bin and |
| |including 7.4(x) |MGCSOL-h013.bin |
+-----------------------+-----------------------+--------------------+
| |All releases up to and | |
|VSC3000 |including release |MGCSOL-h007.bin and |
| |9.1(x) |MGCSOL-h013.bin |
+-----------------------+-----------------------+--------------------+
| |All releases up to and | |
|PGW 2200 |including release |MGCSOL-h007.bin and |
| |9.1(x) |MGCSOL-h013.bin |
+-----------------------+-----------------------+--------------------+
|Billing and Management |All systems running | |
|Server (BAMS) |Solaris 2.6 |MGCSOL-h007.bin only|
+-----------------------+-----------------------+--------------------+
|Voice Services | | |
|Provisioning Tool |All systems running |MGCSOL-h007.bin only|
|(VSPT) |Solaris 2.6 | |
+-----------------------+-----------------------+--------------------+
您可以在下列链接中下载上述补丁或升级软件:
http://www.cisco.com/cgi-bin/tablebuild.pl/mgc-sol
(注:您需要在cisco网站上拥有一个注册帐号才可以访问上述链接)
浏览次数:3576
严重程度:0(网友投票)
绿盟科技给您安全的保障