首页 -> 安全研究
安全研究
安全漏洞
ISC DHCPD NSUPDATE MiniRes库远程缓冲区溢出漏洞
发布日期:2003-01-15
更新日期:2003-01-24
受影响系统:
ISC DHCPD 3.0rc4不受影响系统:
ISC DHCPD 3.0rc12
ISC DHCPD 3.0pl1
ISC DHCPD 3.0b2pl9
ISC DHCPD 3.0b2pl23
ISC DHCPD 3.0.1rc9
ISC DHCPD 3.0.1rc8
ISC DHCPD 3.0.1rc7
ISC DHCPD 3.0.1rc6
ISC DHCPD 3.0.1rc5
ISC DHCPD 3.0.1rc4
ISC DHCPD 3.0.1rc3
ISC DHCPD 3.0.1rc2
ISC DHCPD 3.0.1rc10
ISC DHCPD 3.0.1rc1
ISC DHCPD 3.0
- Caldera Open Linux Workstation 3.1.1
- Caldera Open Linux Workstation 3.1
- Caldera Open Linux Server 3.1.1
- Caldera Open Linux Server 3.1
- Conectiva Linux 8.0
- FreeBSD 4.5
- FreeBSD 4.4
- FreeBSD 4.3
- Mandrake Linux 9.0
- Mandrake Linux 8.2
- Mandrake Linux 8.1
- RedHat Linux 7.3
- RedHat Linux 7.2
- SuSE Linux 8.0
- SuSE Linux 7.3
- SuSE Linux 7.2
ISC DHCPD 3.0pl12描述:
ISC DHCPD 3.0.1rc11
BUGTRAQ ID: 6627
CVE(CAN) ID: CVE-2003-0026
DHCPD是动态主机配置协议,提供通过TCP/IP网络对主机传递配置信息。
DHCPD包含的minires库在处理主机名时没有进行正确缓冲区边界检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以root用户权限在系统上执行任意指令。
DHCPD也提供给主机一些网络配置数据,ISC DHCPD允许DHCP服务程序动态更新DNS服务器,支持动态DNS更新是通过NSUPDATE功能实现。
在内部源代码审核中,ISC开发人员发现由NSUPDATE所调用的minires库在解析主机名时存在多个漏洞。这些漏洞是由于对主机名长度缺少正确检查。攻击者可以通过发送包含超长主机名值的DHCP消息来出发基于栈的缓冲区溢出,精心提供DHCP消息数据可能以root用户权限在系统上执行任意指令。
虽然minires库由BIND 8解析库改变而来,但这些漏洞在当前任何BIND版本中不存在。
<*来源:ISC Developers
链接:http://www.cert.org/advisories/CA-2003-01.html
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000562
http://www.linux-mandrake.com/en/security/2003/2003-007.php
http://www.debian.org/security/2003/dsa-231
https://www.redhat.com/support/errata/RHSA-2003-011.html
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 建议关闭ISC DHCP服务器的NSUPDATE功能。
* 限制外部不可信资源访问DHCP服务器的TCP/UDP 67,68端口。
厂商补丁:
Conectiva
---------
http://www.debian.org/security/2003/dsa-231
Debian
------
Debian已经为此发布了一个安全公告(DSA-231-1)以及相应补丁:
DSA-231-1:New dhcp3 packages fix arbitrary code execution
链接:http://www.debian.org/security/2002/dsa-231
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9-2.1.dsc
Size/MD5 checksum: 730 37209f2e8ff29f9d38e4f812183a8321
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9-2.1.diff.gz
Size/MD5 checksum: 23781 d6b2e0bcf1b32d52423202ae5f988cf6
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0+3.0.1rc9.orig.tar.gz
Size/MD5 checksum: 809803 3cc4758e5a59362315393a1874dfcb21
Alpha architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_alpha.deb
Size/MD5 checksum: 416508 773f104e93a351675621d4b812dedb0d
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_alpha.deb
Size/MD5 checksum: 216042 2a7c64e688ca68bf0b227334ba2d7833
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_alpha.deb
Size/MD5 checksum: 106842 9020774e6cdc310a3a3cf2a42ba58d63
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_alpha.deb
Size/MD5 checksum: 287082 189f63d99acb438981c10800d7783d44
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_alpha.deb
Size/MD5 checksum: 526816 08d076cefd29fa5e0055fda006cac383
ARM architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_arm.deb
Size/MD5 checksum: 386804 842b5eb5de805516022bada7f0094822
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_arm.deb
Size/MD5 checksum: 188558 5dbbd9b9ab025f52024b19627bfbdc72
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_arm.deb
Size/MD5 checksum: 93316 57bfc9321b7d10ae70ec6214d59bcb2f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_arm.deb
Size/MD5 checksum: 273220 6a99a3da6a633477ae430d92f68f2184
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_arm.deb
Size/MD5 checksum: 484438 677cd67a76fc9814fe2a7c3ca4a1a492
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_i386.deb
Size/MD5 checksum: 375234 eadc1375ff236a3f6fd831340fa23bb2
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_i386.deb
Size/MD5 checksum: 178496 afd9dda61da369a5ff76b15803fd4136
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_i386.deb
Size/MD5 checksum: 82020 6137706b46e9b5d0f8d85bf0188f2050
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_i386.deb
Size/MD5 checksum: 269162 289c850ffa01157b09537ec57bf25d0c
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_i386.deb
Size/MD5 checksum: 465074 fae064fc37dede8a61bf836248e97e34
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_ia64.deb
Size/MD5 checksum: 549968 cf516c3021a7a9467d0bd5e8bc5467c4
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_ia64.deb
Size/MD5 checksum: 339122 abfcc44debcca325e01b76031536bacd
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_ia64.deb
Size/MD5 checksum: 134170 d2683f5f882b01422dab6ee93983c0a5
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_ia64.deb
Size/MD5 checksum: 348612 97101d3f841d5509f61664e27158cf23
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_ia64.deb
Size/MD5 checksum: 701398 5bc9980f56c7830a04f21bfedb228959
HP Precision architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_hppa.deb
Size/MD5 checksum: 384788 f733a3a7db9c641cff4594212f275984
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_hppa.deb
Size/MD5 checksum: 188118 5928747afeb44dfd8cfd8e02c332068f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_hppa.deb
Size/MD5 checksum: 92962 2044c3e40799aeb2d328b6084d611016
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_hppa.deb
Size/MD5 checksum: 274626 cba0f35f3a64f21ee4f6d913bb3fa293
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_hppa.deb
Size/MD5 checksum: 477908 58ca5c2bc695aaccfea6052e37767dec
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_m68k.deb
Size/MD5 checksum: 364506 a78a9398f67bbf9083958cc98b2298a5
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_m68k.deb
Size/MD5 checksum: 168460 9ca486cd937a27d066fd33af2fa448c9
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_m68k.deb
Size/MD5 checksum: 79196 fce453cdd71d77bbb8a69af8e03fe24b
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_m68k.deb
Size/MD5 checksum: 264088 6b2a21514111f691e382711a488c2121
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_m68k.deb
Size/MD5 checksum: 451034 c26bf487dec970ea2eb77d7420574b31
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_mips.deb
Size/MD5 checksum: 397524 fda141ea4a15b1ac3bd556d182cc77f2
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_mips.deb
Size/MD5 checksum: 198432 c44d48cb08d6645f4d371575e0c65497
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_mips.deb
Size/MD5 checksum: 94642 0a0b958f68e4e1c476db1c5cd71ff84e
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_mips.deb
Size/MD5 checksum: 281424 f01760c830e76d99c0d3dff61f41474c
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_mips.deb
Size/MD5 checksum: 496270 84398a69046aad6340b0235fffae8f64
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_mipsel.deb
Size/MD5 checksum: 397100 1cf221ff34d407a50ff39947578141b4
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_mipsel.deb
Size/MD5 checksum: 197736 eb08eba8000fba3315df4e940f520e40
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_mipsel.deb
Size/MD5 checksum: 94786 99c4b8f8cc0d9849bf72e3d43b5e4f87
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_mipsel.deb
Size/MD5 checksum: 281390 96e869af7f9d8e008fcde2269d676f45
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_mipsel.deb
Size/MD5 checksum: 495938 d3c899c409c26461e80c85aff382d3e4
PowerPC architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_powerpc.deb
Size/MD5 checksum: 374958 6f37a18a820304e9ef9ed120b14e69c6
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_powerpc.deb
Size/MD5 checksum: 178404 502b47d01b6ad7d1c74aa9080edf1f8f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_powerpc.deb
Size/MD5 checksum: 91016 1970d5daa075c804d17c39ae6e376255
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_powerpc.deb
Size/MD5 checksum: 269668 494ebd8a9950a30ac5e013d41e6a0457
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_powerpc.deb
Size/MD5 checksum: 466796 3588ff1f5d220f236323aaebb61988b2
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_s390.deb
Size/MD5 checksum: 374752 f1a1624c38f20ace387730b3cdb71257
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_s390.deb
Size/MD5 checksum: 177730 00faaea3e1a30546324b248b92980857
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_s390.deb
Size/MD5 checksum: 82992 9c1b2a9abadce85355d43e9a6cd1d0bb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_s390.deb
Size/MD5 checksum: 270624 03c36acf2b87cab9fcea4a39f0ec329f
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_s390.deb
Size/MD5 checksum: 465288 2937d4f9c371bd72409e8c9216d145e9
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0+3.0.1rc9-2.1_sparc.deb
Size/MD5 checksum: 375362 69a5e5399e2a980e182405c63525c792
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0+3.0.1rc9-2.1_sparc.deb
Size/MD5 checksum: 178340 fd6d34c44429e67dd1661ee5f3563748
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0+3.0.1rc9-2.1_sparc.deb
Size/MD5 checksum: 87262 77c318418e23c496bfbeb351075a8909
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0+3.0.1rc9-2.1_sparc.deb
Size/MD5 checksum: 271132 c95e510874e1b1de7d3cec63c2a43887
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0+3.0.1rc9-2.1_sparc.deb
Size/MD5 checksum: 465422 7d42532c3ecc241a5ec81215f3ad22d6
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
ISC
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
ISC Upgrade dhcp-3.0pl2.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-3.0pl2.tar.gz
ISC Upgrade dhcp-3.0.1rc11.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-3.0.1rc11.tar.gz
MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2003:007)以及相应补丁:
MDKSA-2003:007:Updated dhcp packages fix remote code execution vulnerability
链接:http://www.linux-mandrake.com/en/security/2003/2003-007.php
补丁下载:
Updated Packages:
Linux-Mandrake 7.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/dhcp-3.0b2pl9-4.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/dhcp-client-3.0b2pl9-4.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/RPMS/dhcp-relay-3.0b2pl9-4.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.2/SRPMS/dhcp-3.0b2pl9-4.2mdk.src.rpm
Mandrake Linux 8.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/dhcp-client-3.0-0.rc12.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/dhcp-common-3.0-0.rc12.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/dhcp-devel-3.0-0.rc12.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/dhcp-relay-3.0-0.rc12.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/RPMS/dhcp-server-3.0-0.rc12.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.1/SRPMS/dhcp-3.0-0.rc12.2.2mdk.src.rpm
Mandrake Linux 8.1/IA64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/dhcp-client-3.0-0.rc12.2.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/dhcp-common-3.0-0.rc12.2.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/dhcp-devel-3.0-0.rc12.2.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/dhcp-relay-3.0-0.rc12.2.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/RPMS/dhcp-server-3.0-0.rc12.2.2mdk.ia64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ia64/8.1/SRPMS/dhcp-3.0-0.rc12.2.2mdk.src.rpm
Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/dhcp-client-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/dhcp-common-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/dhcp-devel-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/dhcp-relay-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/dhcp-server-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/dhcp-3.0-1rc8.2.2mdk.src.rpm
Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/dhcp-client-3.0-1rc8.2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/dhcp-common-3.0-1rc8.2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/dhcp-devel-3.0-1rc8.2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/dhcp-relay-3.0-1rc8.2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/dhcp-server-3.0-1rc8.2.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/dhcp-3.0-1rc8.2.2mdk.src.rpm
Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/dhcp-client-3.0-1rc9.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/dhcp-common-3.0-1rc9.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/dhcp-devel-3.0-1rc9.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/dhcp-relay-3.0-1rc9.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/dhcp-server-3.0-1rc9.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/dhcp-3.0-1rc9.3mdk.src.rpm
Multi Network Firewall 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/dhcp-client-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/dhcp-common-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/dhcp-relay-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/dhcp-server-3.0-1rc8.2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/SRPMS/dhcp-3.0-1rc8.2.2mdk.src.rpm
Single Network Firewall 7.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/RPMS/dhcp-3.0b2pl23-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/RPMS/dhcp-client-3.0b2pl23-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/RPMS/dhcp-relay-3.0b2pl23-2.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/snf7.2/SRPMS/dhcp-3.0b2pl23-2.2mdk.src.rpm
上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2003:011-07)以及相应补丁:
RHSA-2003:011-07:Updated dhcp packages fix security vulnerabilities
链接:https://www.redhat.com/support/errata/RHSA-2003-011.html
补丁下载:
RedHat RPM dhclient-3.0pl1-15.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/dhclient-3.0pl1-15.i386.rpm
RedHat RPM dhcp-3.0pl1-15.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/dhcp-3.0pl1-15.i386.rpm
RedHat RPM dhcp-devel-3.0pl1-15.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/dhcp-devel-3.0pl1-15.i386.rpm
S.u.S.E.
--------
S.u.S.E.已经为此发布了一个安全公告(SuSE-SA:2003:0006)以及相应补丁:
SuSE-SA:2003:0006:dhcp
链接:
补丁下载:
ISC DHCPD 3.0 rc4:
S.u.S.E. RPM dhcp-devel-3.0rc4-32.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/dhcp-devel-3.0rc4-32.i386.rpm
ISC DHCPD 3.0 rc12:
S.u.S.E. RPM dhcp-devel-3.0rc12-26.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/dhcp-devel-3.0rc12-26.sparc.rpm
S.u.S.E. RPM dhcp-devel-3.0rc12-39.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/dhcp-devel-3.0rc12-39.ppc.rpm
S.u.S.E. RPM dhcrelay-3.0rc12-56.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/dhcrelay-3.0rc12-56.i386.rpm
ISC DHCPD 3.0.1 rc6:
S.u.S.E. RPM dhcp-base-3.0.1rc6-15.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-base-3.0.1rc6-15.i386.patch.rpm
S.u.S.E. RPM dhcp-base-3.0.1rc6-15.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-base-3.0.1rc6-15.i386.rpm
浏览次数:4305
严重程度:0(网友投票)
绿盟科技给您安全的保障