首页 -> 安全研究
安全研究
安全漏洞
Free/SWan远程拒绝服务攻击漏洞
发布日期:2002-12-02
更新日期:2002-12-04
受影响系统:
Free/SWAN Free/SWAN 1.9.5描述:
Free/SWAN Free/SWAN 1.9.4
Free/SWAN Free/SWAN 1.9.3
Free/SWAN Free/SWAN 1.9.2
Free/SWAN Free/SWAN 1.9.1
Free/SWAN Free/SWAN 1.9
Free/SWAN Free/SWAN 1.9.6
- Debian Linux 3.0 68k
- Debian Linux 3.0 powerpc
- Debian Linux 3.0 i386
- Debian Linux 3.0 alpha
- Debian Linux 3.0 sparc
- Debian Linux 3.0 IA-32
- Debian Linux 3.0 arm
- RedHat Linux 7.3
- RedHat Linux 7.2
- RedHat Linux 7.1
CVE(CAN) ID: CVE-2002-0666
IPSEC是一款IP安全扩展,提供IP通信验证和加密,Free/SWan是IPSEC在DEBIAN的实现。
Free/SWan没有正确处理非常短的包,远程攻击者可以利用这个漏洞对Free/SWan进行拒绝服务攻击。
Bindview发现多个IPSEC实现没有正确处理非常短的包,攻击者发送此类包可导致内核出现错误,造成拒绝服务攻击。
<*来源:Martin Schulze (joey@infodrom.org)
链接:http://www.debian.org/security/2002/dsa-201
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-201-1)以及相应补丁:
DSA-201-1:New Free/SWan packages fix denial of service
链接:http://www.debian.org/security/2002/dsa-201
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4.dsc
Size/MD5 checksum: 637 1917ba063e4058123034247ddb105bfa
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4.diff.gz
Size/MD5 checksum: 322480 ad70a2ecd67bbc1ae7b6eb6fcdb84da8
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96.orig.tar.gz
Size/MD5 checksum: 2251757 9ea1a778713e48d39f3c77de5f54752b
Architecture independent components:
http://security.debian.org/pool/updates/main/f/freeswan/kernel-patch-freeswan_1.96-1.4_all.deb
Size/MD5 checksum: 889918 30c73e274e84b62125136ec96160d23a
Alpha architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_alpha.deb
Size/MD5 checksum: 1761260 2463d0474314aa775126544baea6ec95
ARM architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_arm.deb
Size/MD5 checksum: 1700504 f15929f25fb8bb953748edbe188511ba
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_i386.deb
Size/MD5 checksum: 1678486 878523a3a03254bfa1e6a39052b50e1b
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_ia64.deb
Size/MD5 checksum: 1861640 8a1a611c76cd023311bae7126dfa5b8a
HP Precision architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_hppa.deb
Size/MD5 checksum: 1723252 22df2896c7f4f96a693da436addc6d95
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_m68k.deb
Size/MD5 checksum: 1660918 a55f47febd01eefd216e0da3b200de76
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_mips.deb
Size/MD5 checksum: 1718046 e8fc45985fc4c25a2a9b9ab7d6e21e08
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_mipsel.deb
Size/MD5 checksum: 1721266 c1bd4591da7f720d3fe7b4e134ac9f22
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_powerpc.deb
Size/MD5 checksum: 1688682 0e1b5ce54d414da362c7eeda097acfa9
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_s390.deb
Size/MD5 checksum: 1689648 fa2ac3caafbb37cbcde0138ba9b8f6c6
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/freeswan/freeswan_1.96-1.4_sparc.deb
Size/MD5 checksum: 1706714 53ef4472274ffaac7e24455d9ec6c1a1
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
浏览次数:3206
严重程度:0(网友投票)
绿盟科技给您安全的保障