Linux NIS Server ypserv Remote Denial of Service Vulnerability

Published: 2003-02-05
Updated: 2003-07-02

Affected systems:
Terra Soft Solutions Yellow Dog Linux 3.0
Terra Soft Solutions Yellow Dog Linux 2.3
ypserv ypserv 2.6
ypserv ypserv 2.5
ypserv ypserv 2.2
ypserv ypserv 1.3.12
ypserv ypserv 1.3.11
ypserv ypserv 2.7
    - Mandrake Linux 9.1
    - Mandrake Linux 9.0
    - RedHat Linux 9.0
    - RedHat Linux 8.0
Unaffected systems:
ypserv ypserv 2.8
Description:
BUGTRAQ ID: 8031
CVE(CAN) ID: CVE-2003-0251

The ypserv package contains the Network Information Service (NIS) server.

ypserv mishandles certain client requests; a remote attacker can exploit this to mount a denial of service against the server.

If a malicious client queries ypserv over TCP and then ignores the server's reply, ypserv stalls while trying to send that reply and consequently stops answering requests from any other client, producing a denial of service.

Version 2.7 and later prevent this problem by forking a child process for each client.
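The affected range above is everything below 2.8. The following POSIX shell script is an added example (not part of the NSFOCUS advisory or the ypserv project) that turns that range into a local check: it parses an RPM-style version string, decides whether it is affected, and, on RPM-based systems, queries the installed ypserv package with `rpm -q`. The function names are the example's own; the version thresholds come from the affected/unaffected lists on this page.

```shell
#!/bin/sh
# Added example: classify a ypserv version against the affected range
# described in this advisory (all versions < 2.8 affected, 2.8 fixed).

# Split "MAJOR.MINOR[.PATCH][-release]" into numeric major and minor parts.
# Prints "MAJOR MINOR" on one line.
version_major_minor() {
    v=${1%%-*}            # drop an RPM-style "-release" suffix if present
    case "$v" in
        *.*) major=${v%%.*}; rest=${v#*.}; minor=${rest%%.*} ;;
        *)   major=$v;       minor=0 ;;
    esac
    # keep digits only, so a tag such as "2.8rc1" still yields 2 and 8
    major=$(printf '%s' "$major" | tr -cd '0-9')
    minor=$(printf '%s' "$minor" | tr -cd '0-9')
    printf '%s %s\n' "${major:-0}" "${minor:-0}"
}

# Returns 0 (true) when the given ypserv version is in the affected range
# (lower than 2.8), 1 otherwise.
ypserv_affected() {
    set -- $(version_major_minor "$1")
    major=$1
    minor=$2
    if [ "$major" -lt 2 ]; then
        return 0
    fi
    if [ "$major" -eq 2 ] && [ "$minor" -lt 8 ]; then
        return 0
    fi
    return 1
}

# Query the installed package on an RPM-based host and report the result.
# Exit status: 0 = affected, 1 = not affected, 2 = ypserv not installed.
check_installed_ypserv() {
    installed=$(rpm -q --qf '%{VERSION}' ypserv 2>/dev/null) || {
        echo "ypserv is not installed"
        return 2
    }
    if ypserv_affected "$installed"; then
        echo "ypserv $installed is affected (CVE-2003-0251): upgrade to 2.8 or later"
        return 0
    fi
    echo "ypserv $installed is not affected"
    return 1
}
```

Source the script and call `check_installed_ypserv` on each NIS master or slave; `ypserv_affected 1.3.12` or `ypserv_affected 2.8` can be used directly when the version is known from another inventory source.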

<*Source: ypserv
  
  Links: https://www.redhat.com/support/errata/RHSA-2003-173.html
        http://www.linux-mandrake.com/en/security/2003/2003-072.php
*>

Recommendation:
Vendor patches:

MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2003:072) and corresponding patches for this issue:
MDKSA-2003:072: Updated ypserv packages fix DoS vulnerability
Link: http://www.linux-mandrake.com/en/security/2003/2003-072.php

Patch download:

Updated Packages:

Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/ypserv-2.8-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/ypserv-2.8-1.1mdk.src.rpm

Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/ypserv-2.8-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/ypserv-2.8-1.1mdk.src.rpm

Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/ypserv-2.8-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/ypserv-2.8-1.1mdk.src.rpm

Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/ypserv-2.8-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/ypserv-2.8-1.1mdk.src.rpm

The updated packages above can also be downloaded from any of the mirror FTP servers listed at:
http://www.mandrakesecure.net/en/ftp.php

RedHat
------
RedHat has released a security advisory (RHSA-2003:173-01) and corresponding patches for this issue:
RHSA-2003:173-01: Updated ypserv packages fix a denial of service vulnerability
Link: https://www.redhat.com/support/errata/RHSA-2003-173.html

Patch download:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/ypserv-2.8-0.72E.src.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/ypserv-2.8-0.72E.i386.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/ypserv-2.8-0.72E.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/ypserv-2.8-0.72E.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/ypserv-2.8-0.72E.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/ypserv-2.8-0.73E.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/ypserv-2.8-0.73E.i386.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/ypserv-2.8-0.80E.src.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/ypserv-2.8-0.80E.i386.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/ypserv-2.8-0.9E.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/ypserv-2.8-0.9E.i386.rpm

Terra Soft Solutions
--------------------
The vendor has released an upgrade to fix this security issue; download it from the vendor's home page:

Terra Soft Solutions Yellow Dog Linux 2.3:

Terra Soft Solutions Upgrade ypserv-2.8-0.72E.ppc.rpm
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.3/ppc/ypserv-2.8-0.72E.ppc.rpm

Terra Soft Solutions Yellow Dog Linux 3.0:

Terra Soft Solutions Upgrade ypserv-2.8-0.9E.ppc.rpm
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/ppc/ypserv-2.8-0.9E.ppc.rpm

ypserv
------
The vendor has released an upgrade to fix this security issue; download it from the vendor's home page:

ypserv Upgrade ypserv-2.8.tar.gz
ftp://ftp.kernel.org/pub/linux/utils/net/NIS/ypserv-2.8.tar.gz

This advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.