安全研究
安全漏洞
Symantec Enterprise Firewall RealAudio代理远程缓冲区溢出漏洞
发布日期:2002-12-13
更新日期:2002-12-23
受影响系统:
Symantec Enterprise Firewall 7.0 Solaris描述:
Symantec Enterprise Firewall 7.0 NT/2000
Symantec Enterprise Firewall 6.5.2 NT/2000
Symantec VelociRaptor 700
Symantec VelociRaptor 500
Symantec VelociRaptor 1300
Symantec VelociRaptor 1200
Symantec VelociRaptor 1100
Symantec VelociRaptor 1000
Symantec Gateway Security 5300
Symantec Gateway Security 5200
Symantec Gateway Security 5110
Symantec Raptor Firewall 6.5 Windows NT
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Symantec Raptor Firewall 6.5.3 Solaris
- Sun Solaris 7.0
- Sun Solaris 2.6
BUGTRAQ ID: 6389
Symantec企业防火墙包含RealAudio代理服务程序。
RealAudio代理服务程序在处理特殊扫描时存在问题,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可导致系统产生拒绝服务攻击。
当使用Qualys工具扫描防火墙时,rad (RealAudio)和statsd (statistics)服务都会不正确的终止。Dr. Watson可记录这个core dump,扫描发送的数据可以导致RealAudio服务破坏缓冲区,而统计服务,statsd会由于访问冲突而停止响应。所有其他服务可正常运行。
<*来源:Symantec
链接:http://securityresponse.symantec.com/avcenter/security/Content/2002.12.12.html
*>
建议:
厂商补丁:
Symantec
--------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Symantec VelociRaptor 500 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec VelociRaptor 700 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec VelociRaptor 1000 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec VelociRaptor 1100 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec VelociRaptor 1200 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec VelociRaptor 1300 :
Symantec Hotfix rad-vr15-3des.zip
ftp://ftp.symantec.com/public/updates/rad-vr15-3des.zip
Symantec Gateway Security 5110 :
Symantec Hotfix rad-sgs10-3des.zip
ftp://ftp.symantec.com/public/updates/rad-sgs10-3des.zip
Symantec Gateway Security 5200 :
Symantec Hotfix rad-sgs10-3des.zip
ftp://ftp.symantec.com/public/updates/rad-sgs10-3des.zip
Symantec Gateway Security 5300 :
Symantec Hotfix rad-sgs10-3des.zip
ftp://ftp.symantec.com/public/updates/rad-sgs10-3des.zip
Symantec Raptor Firewall 6.5 Windows NT:
Symantec Hotfix rad-650-3des.zip
ftp://ftp.symantec.com/public/updates/rad-650-3des.zip
Symantec Hotfix rad-650-des.zip
ftp://ftp.symantec.com/public/updates/rad-650-des.zip
International
Symantec Enterprise Firewall 6.5.2 NT/2000:
Symantec Hotfix rad-652-des.zip
ftp://ftp.symantec.com/public/updates/rad-652-des.zip
International
Symantec Hotfix rad-652-3des.zip
ftp://ftp.symantec.com/public/updates/rad-652-3des.zip
Symantec Raptor Firewall 6.5.3 Solaris:
Symantec Hotfix rad-653-3des.tar
ftp://ftp.symantec.com/public/updates/rad-653-3des.tar
Symantec Hotfix rad-653-des.tar
ftp://ftp.symantec.com/public/updates/rad-653-des.tar
International
Symantec Enterprise Firewall 7.0 Solaris:
Symantec Hotfix Enterprise Firewall 7.0
http://www.symantec.com/downloads/
Symantec Enterprise Firewall 7.0 NT/2000:
Symantec Hotfix Enterprise Firewall 7.0
http://www.symantec.com/downloads/
浏览次数:3054
严重程度:0(网友投票)
绿盟科技给您安全的保障