首页 -> 安全研究

安全研究

安全漏洞
Canna Server远程拒绝服务攻击漏洞

发布日期:2002-12-09
更新日期:2002-12-17

受影响系统:
Canna Canna 3.5 b2
    - RedHat Linux 8.0
    - RedHat Linux 7.3
    - RedHat Linux 7.2
    - RedHat Linux 7.1
Canna Canna 3.6
    - RedHat Linux 8.0
    - RedHat Linux 7.3
    - RedHat Linux 7.2
    - RedHat Linux 7.1
描述:
BUGTRAQ  ID: 6354
CVE(CAN) ID: CVE-2002-1159

Canna Server是一款用于日文字符输入的程序。

Canna Server对输入请求缺少正确验证,远程攻击者可以利用这个漏洞获得敏感信息,或进行拒绝服务攻击。

目前没有获得详细漏洞细节。

Red Hat Linux 7.1, 7.2, 7.3, 和8.0附带有此漏洞Canna包,但是只有当日文语言支持的时候才安装此包。

<*来源:Red Hat Security Advisory
  
  链接:https://www.redhat.com/support/errata/RHSA-2002-246.html
*>

建议:
厂商补丁:

RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:246-18)以及相应补丁:
RHSA-2002:246-18:Updated Canna packages fix vulnerabilities
链接:https://www.redhat.com/support/errata/RHSA-2002-246.html

补丁下载:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/Canna-3.5b2-42.7.1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/Canna-3.5b2-42.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/Canna-devel-3.5b2-42.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/Canna-libs-3.5b2-42.7.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/Canna-3.5b2-42.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/Canna-devel-3.5b2-42.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/Canna-libs-3.5b2-42.7.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/Canna-3.5b2-42.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/Canna-devel-3.5b2-42.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/Canna-libs-3.5b2-42.7.1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/Canna-3.5b2-50.7.2.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/Canna-3.5b2-50.7.2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/Canna-devel-3.5b2-50.7.2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/Canna-libs-3.5b2-50.7.2.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/Canna-3.5b2-50.7.2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/Canna-devel-3.5b2-50.7.2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/Canna-libs-3.5b2-50.7.2.ia64.rpm
Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/Canna-3.5b2-62.7.3.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/Canna-3.5b2-62.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/Canna-devel-3.5b2-62.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/Canna-libs-3.5b2-62.7.3.i386.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/Canna-3.5b2-70.8.0.1.src.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/Canna-3.5b2-70.8.0.1.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/Canna-devel-3.5b2-70.8.0.1.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/Canna-libs-3.5b2-70.8.0.1.i386.rpm

校验:

MD5 sum                          Package Name
--------------------------------------------------------------------------
64918a96baadf160a39ab69d181873a1 7.1/en/os/SRPMS/Canna-3.5b2-42.7.1.src.rpm
e05db6df9c005d54e339d52a24fea16c 7.1/en/os/alpha/Canna-3.5b2-42.7.1.alpha.rpm
7fef35d1254f1502bb4b8c2b0fb12b14 7.1/en/os/alpha/Canna-devel-3.5b2-42.7.1.alpha.rpm
667524bea77fa4965c53023d784c9e62 7.1/en/os/alpha/Canna-libs-3.5b2-42.7.1.alpha.rpm
20b1224527f50242713cf4b65c61e639 7.1/en/os/i386/Canna-3.5b2-42.7.1.i386.rpm
e5b92ea118f3459ae8fac8ba11bf85d7 7.1/en/os/i386/Canna-devel-3.5b2-42.7.1.i386.rpm
5c43a46ccf5fb34660d1b5c3194b8586 7.1/en/os/i386/Canna-libs-3.5b2-42.7.1.i386.rpm
e67dc55b400e9d375a2370a800b08108 7.1/en/os/ia64/Canna-3.5b2-42.7.1.ia64.rpm
597a62b098378cb5866ebe2c660e6727 7.1/en/os/ia64/Canna-devel-3.5b2-42.7.1.ia64.rpm
15ec98018b4cd74789bd3c731cf1619c 7.1/en/os/ia64/Canna-libs-3.5b2-42.7.1.ia64.rpm
2a1ea81d34ad09f3465034178feef85f 7.2/en/os/SRPMS/Canna-3.5b2-50.7.2.src.rpm
d74c4ac9644ae93572f75e45f43f509c 7.2/en/os/i386/Canna-3.5b2-50.7.2.i386.rpm
a6013cd21389fc8ad942f6f91b699d4a 7.2/en/os/i386/Canna-devel-3.5b2-50.7.2.i386.rpm
89e08e149706012ed225cc6bf3bb9956 7.2/en/os/i386/Canna-libs-3.5b2-50.7.2.i386.rpm
9396ca437442d715f099c1092da2d560 7.2/en/os/ia64/Canna-3.5b2-50.7.2.ia64.rpm
029f9d01a2e0cccaa258271638f7b1aa 7.2/en/os/ia64/Canna-devel-3.5b2-50.7.2.ia64.rpm
09780967d122a75ab40ca3625f4c6c4d 7.2/en/os/ia64/Canna-libs-3.5b2-50.7.2.ia64.rpm
f8b1a676c1b65690d1802e34bd1d4444 7.3/en/os/SRPMS/Canna-3.5b2-62.7.3.src.rpm
3e0fc1f12ad366b802bddbd6958218a8 7.3/en/os/i386/Canna-3.5b2-62.7.3.i386.rpm
97d744e904f7ecc37d1b86e5df338a77 7.3/en/os/i386/Canna-devel-3.5b2-62.7.3.i386.rpm
0356e982e4e043992f694430fabbab81 7.3/en/os/i386/Canna-libs-3.5b2-62.7.3.i386.rpm
eecd0839f914bac15e458933c8831cf7 8.0/en/os/SRPMS/Canna-3.5b2-70.8.0.1.src.rpm
72ffd082d58f626105317c7ddc224fc0 8.0/en/os/i386/Canna-3.5b2-70.8.0.1.i386.rpm
6539144bcf78e6cabf03df9d60b0ed9b 8.0/en/os/i386/Canna-devel-3.5b2-70.8.0.1.i386.rpm
8b3cebc96837ece1ddccb3cc7112b8bd 8.0/en/os/i386/Canna-libs-3.5b2-70.8.0.1.i386.rpm

可以使用如下命令进行校验:

rpm --checksig -v <filename>

浏览次数:3542
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障
关于我们
公司介绍
公司荣誉
公司新闻
联系我们
公司总部
分支机构
海外机构
快速链接
绿盟云
绿盟威胁情报中心NTI
技术博客