首页 -> 安全研究
安全研究
安全漏洞
Cisco IOS UDP Echo服务内存泄露漏洞
发布日期:2003-08-01
更新日期:2003-08-06
受影响系统:
Cisco IOS 9.14不受影响系统:
Cisco IOS 9.1
Cisco IOS 9.0
Cisco IOS 8.3
Cisco IOS 8.2
Cisco IOS 12.0XW
Cisco IOS 12.0XV
Cisco IOS 12.0XU
Cisco IOS 12.0XS
Cisco IOS 12.0XR
Cisco IOS 12.0XQ
Cisco IOS 12.0XP
Cisco IOS 12.0XN
Cisco IOS 12.0XM
Cisco IOS 12.0XL
Cisco IOS 12.0XK
Cisco IOS 12.0XJ
Cisco IOS 12.0XI
Cisco IOS 12.0XH
Cisco IOS 12.0XG
Cisco IOS 12.0XF
Cisco IOS 12.0XE
Cisco IOS 12.0XD
Cisco IOS 12.0XC
Cisco IOS 12.0XB
Cisco IOS 12.0XA
Cisco IOS 12.0WT
Cisco IOS 12.0WC
Cisco IOS 12.0W5
Cisco IOS 12.0T
Cisco IOS 12.0SX
Cisco IOS 12.0ST
Cisco IOS 12.0SP
Cisco IOS 12.0SL
Cisco IOS 12.0SC
Cisco IOS 12.0S
Cisco IOS 12.0DC
Cisco IOS 12.0DB
Cisco IOS 12.0DA
Cisco IOS 12.0.7(T)
Cisco IOS 12.0.7
Cisco IOS 12.0.6
Cisco IOS 12.0.5
Cisco IOS 12.0.4T
Cisco IOS 12.0.4S
Cisco IOS 12.0.4
Cisco IOS 12.0.3T2
Cisco IOS 12.0.3
Cisco IOS 12.0.2XG
Cisco IOS 12.0.2XF
Cisco IOS 12.0.2XD
Cisco IOS 12.0.2XC
Cisco IOS 12.0.2
Cisco IOS 12.0.1XE
Cisco IOS 12.0.1XB
Cisco IOS 12.0.1XA3
Cisco IOS 12.0.1W
Cisco IOS 12.0.19
Cisco IOS 12.0.1
Cisco IOS 12.0(9)S
Cisco IOS 12.0(8.3)SC
Cisco IOS 12.0(8.0.2)S
Cisco IOS 12.0(8)
Cisco IOS 12.0(7.4)S
Cisco IOS 12.0(7)XK
Cisco IOS 12.0(7)T
Cisco IOS 12.0(7)SC
Cisco IOS 12.0(7)S1
Cisco IOS 12.0(5.1)XP
Cisco IOS 12.0(5)XK
Cisco IOS 12.0(5)T1
Cisco IOS 12.0(5)T
Cisco IOS 12.0(18)S
Cisco IOS 12.0(17)S
Cisco IOS 12.0(17)
Cisco IOS 12.0(16.06)S
Cisco IOS 12.0(16)W5(21)
Cisco IOS 12.0(15)S3
Cisco IOS 12.0(14)W5(20)
Cisco IOS 12.0(14)ST
Cisco IOS 12.0(13)W5(19c)
Cisco IOS 12.0(10)W5(18g)
Cisco IOS 12.0(10)W5
Cisco IOS 12.0 (3)
Cisco IOS 12.0 (19)
Cisco IOS 12.0
Cisco IOS 11.3XA
Cisco IOS 11.3WA4
Cisco IOS 11.3T
Cisco IOS 11.3NA
Cisco IOS 11.3MA
Cisco IOS 11.3HA
Cisco IOS 11.3DB
Cisco IOS 11.3DA
Cisco IOS 11.3AA
Cisco IOS 11.3.1T
Cisco IOS 11.3.1ED
Cisco IOS 11.3.11b
Cisco IOS 11.3.1
Cisco IOS 11.3(2)XA
Cisco IOS 11.3 (11b)
Cisco IOS 11.3
Cisco IOS 11.2WA3
Cisco IOS 11.2SA
Cisco IOS 11.2P
Cisco IOS 11.2GS
Cisco IOS 11.2F
Cisco IOS 11.2BC
Cisco IOS 11.2.9XA
Cisco IOS 11.2.9P
Cisco IOS 11.2.8SA5
Cisco IOS 11.2.8SA3
Cisco IOS 11.2.8SA1
Cisco IOS 11.2.8P
Cisco IOS 11.2.8
Cisco IOS 11.2.4F1
Cisco IOS 11.2.4F
Cisco IOS 11.2.4
Cisco IOS 11.2.10BC
Cisco IOS 11.2.10
Cisco IOS 11.2(9)XA
Cisco IOS 11.2(4)XAf
Cisco IOS 11.2(4)XA
Cisco IOS 11.2(4)
Cisco IOS 11.2(19)GS0.2
Cisco IOS 11.2(17)
Cisco IOS 11.2 (26a)
Cisco IOS 11.2
Cisco IOS 11.1IA
Cisco IOS 11.1CT
Cisco IOS 11.1CC
Cisco IOS 11.1CA
Cisco IOS 11.1AA
Cisco IOS 11.1.9IA
Cisco IOS 11.1.7CA
Cisco IOS 11.1.7AA
Cisco IOS 11.1.7
Cisco IOS 11.1.17CT
Cisco IOS 11.1.17CC
Cisco IOS 11.1.16IA
Cisco IOS 11.1.16AA
Cisco IOS 11.1.16
Cisco IOS 11.1.15IA
Cisco IOS 11.1.15CA
Cisco IOS 11.1.15AA
Cisco IOS 11.1.15
Cisco IOS 11.1.13IA
Cisco IOS 11.1.13CA
Cisco IOS 11.1.13AA
Cisco IOS 11.1.13
Cisco IOS 11.1(36)CC2
Cisco IOS 11.1 (24a)
Cisco IOS 11.1
Cisco IOS 11.0x
Cisco IOS 11.0.x
Cisco IOS 11.0.20.3
Cisco IOS 11.0.17BT
Cisco IOS 11.0.17
Cisco IOS 11.0.12(a)BT
Cisco IOS 11.0.12
Cisco IOS 11.0 (22a)
Cisco IOS 11.0 (18)
Cisco IOS 11.0
Cisco IOS 10.3.4.3
Cisco IOS 10.3.4.2
Cisco IOS 10.3.3.4
Cisco IOS 10.3.3.3
Cisco IOS 10.3.19a
Cisco IOS 10.3.16
Cisco IOS 10.3
Cisco IOS 12.0 (3.6)W5(9.0.5)描述:
Cisco IOS 12.0 (3.4)T
Cisco IOS 12.0 (3.3)S
Cisco IOS 12.0 (3.2)
BUGTRAQ ID: 8323
Cisco IOS是部署非常广泛的网络操作系统。很多Cisco设备都运行IOS。
Cisco IOS不正确应答UDP echo包,远程攻击者可以利用这个漏洞可以获得的部分路由器敏感信息。
如果Cisco设备中使用了udp-small-servers命令,Cisco ISO软件设置会使用路由器内存中部分内容作为UDP echo报文的应答 ,通过持续发送畸形UDP echo报文和捕获应答,攻击者可以获得存在路由器上的敏感数据。
<*链接:http://www.cisco.com/warp/public/707/cisco-sn-20030731-ios-udp-echo.shtml
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 关闭udp-small-servers服务:
no service udp-small-servers
厂商补丁:
Cisco
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
下列Cisco IOS固件版本不存在此漏洞,建议用户更新:
* 12.0(3.2)
* 12.0(3.3)S
* 12.0(3.4)T
* 12.0(3.6)W5(9.0.5)
您可以从Cisco网站的软件中心下载升级程序:
http://www.cisco.com/tacpage/sw-center/sw-ios.shtml
浏览次数:3580
严重程度:0(网友投票)
绿盟科技给您安全的保障