首页 -> 安全研究
安全研究
安全漏洞
Cisco IOS OSPF远程缓冲区溢出漏洞
发布日期:2003-02-20
更新日期:2003-02-28
受影响系统:
Cisco IOS 12.0.7(T)不受影响系统:
Cisco IOS 12.0.4T
Cisco IOS 12.0.4S
Cisco IOS 12.0.3T2
Cisco IOS 12.0.2XG
Cisco IOS 12.0.2XF
Cisco IOS 12.0.2XD
Cisco IOS 12.0.2XC
Cisco IOS 12.0.2
Cisco IOS 12.0.1XE
Cisco IOS 12.0.1XB
Cisco IOS 12.0.1XA3
Cisco IOS 12.0.1W
Cisco IOS 12.0.1
Cisco IOS 12.0(9)S
Cisco IOS 12.0(8.3)SC
Cisco IOS 12.0(8.0.2)S
Cisco IOS 12.0(8)
Cisco IOS 12.0(7.4)S
Cisco IOS 12.0(7)XK
Cisco IOS 12.0(7)T
Cisco IOS 12.0(7)SC
Cisco IOS 12.0(7)S1
Cisco IOS 12.0(5.1)XP
Cisco IOS 12.0(5)XK
Cisco IOS 12.0(5)T1
Cisco IOS 12.0(5)T
Cisco IOS 12.0(18)S
Cisco IOS 12.0(17)S
Cisco IOS 12.0(17)
Cisco IOS 12.0(16.06)S
Cisco IOS 12.0(16)W5(21)
Cisco IOS 12.0(15)S3
Cisco IOS 12.0(14)W5(20)
Cisco IOS 12.0(14)ST
Cisco IOS 12.0(13)W5(19c)
Cisco IOS 12.0(10)W5(18g)
Cisco IOS 12.0(10)W5
Cisco IOS 12.0 (3)
Cisco IOS 12.0 (19)
Cisco IOS 12.0
Cisco IOS 11.3XA
Cisco IOS 11.3WA4
Cisco IOS 11.3T
Cisco IOS 11.3NA
Cisco IOS 11.3MA
Cisco IOS 11.3HA
Cisco IOS 11.3DB
Cisco IOS 11.3DA
Cisco IOS 11.3AA
Cisco IOS 11.3.1T
Cisco IOS 11.3.1ED
Cisco IOS 11.3.11b
Cisco IOS 11.2.9XA
Cisco IOS 11.2.9P
Cisco IOS 11.2.8SA5
Cisco IOS 11.2.8SA3
Cisco IOS 11.2.8SA1
Cisco IOS 11.2.8P
Cisco IOS 11.2.4F1
Cisco IOS 11.2.4F
Cisco IOS 11.2.10BC
Cisco IOS 11.2(9)XA
Cisco IOS 11.2(4)XAf
Cisco IOS 11.2(4)XA
Cisco IOS 11.2(4)
Cisco IOS 11.2(19)GS0.2
Cisco IOS 11.2(17)
Cisco IOS 11.2 (26a)
Cisco IOS 11.2
Cisco IOS 11.1IA
Cisco IOS 11.1CT
Cisco IOS 11.1CC
Cisco IOS 11.1CA
Cisco IOS 11.1AA
Cisco IOS 11.1.9IA
Cisco IOS 11.1.7CA
Cisco IOS 11.1.7AA
Cisco IOS 11.1.17CT
Cisco IOS 11.1.17CC
Cisco IOS 11.1.16IA
Cisco IOS 11.1.16AA
Cisco IOS 11.1.16
Cisco IOS 11.1.15IA
Cisco IOS 11.1.15CA
Cisco IOS 11.1.15AA
Cisco IOS 11.1.15
Cisco IOS 11.1.13IA
Cisco IOS 11.1.13CA
Cisco IOS 11.1.13AA
Cisco IOS 11.1.13
Cisco IOS 11.1(36)CC2
Cisco IOS 11.1 (24a)
Cisco IOS 11.1
Cisco IOS 12.1 (1)T描述:
Cisco IOS 12.1 (1)DC
Cisco IOS 12.1 (1)DB
Cisco IOS 12.1 (1)
Cisco IOS 12.0 (19)ST
Cisco IOS 12.0 (19)S
BUGTRAQ ID: 6895
CVE(CAN) ID: CVE-2003-0100
Internet Operating System (IOS)是一款使用于CISCO路由器上的操作系统。
CISCO IOS在处理畸形OSPF包时存在缓冲区溢出,远程攻击者可以利用这个漏洞可能在设备上执行恶意指令及进行恶意拒绝服务攻击。
部分Cisco IOS版本中包含的OSPF实现在一个接口上接收到超过255个OSPF邻居的通告时,会发生IO内存结构破坏,FX of Phenoelit研究提供了利用这个漏洞在路由器上执行恶意代码及的程序。
Cisco Bug CSCdp58462对此漏洞进行了详细描述。
<*来源:FX (fx@phenoelit.de)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104576100719090&w=2
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 在路由器上配置使用OSPF MD5验证。
* 设置正确的访问控制允许部分OSPF邻居访问:
access-list 100 permit ospf host a.b.c.x host 224.0.0.5
access-list 100 permit ospf host a.b.c.x host interface_ip
access-list 100 permit ospf host a.b.c.y host 224.0.0.5
access-list 100 permit ospf host a.b.c.y host interface_ip
access-list 100 permit ospf host a.b.c.z host 224.0.0.5
access-list 100 permit ospf host a.b.c.z host interface_ip
access-list 100 permit ospf any host 224.0.0.6
access-list 100 deny ospf any any
access-list 100 permit ip any any
厂商补丁:
Cisco
-----
Cisco IOS版本11.1 - 12.0存在此漏洞,Cisco在如下IOS版本中已经修补此漏洞:
12.0(19)S
12.0(19)ST
12.1(1)
12.1(1)DB
12.1(1)DC
12.1(1)T
及之后的版本。
http://www.cisco.com/warp/public/707/advisory.html
浏览次数:5735
严重程度:0(网友投票)
绿盟科技给您安全的保障