安全研究
安全漏洞
Libnids TCP包重组内存破坏漏洞
发布日期:2003-10-15
更新日期:2003-11-05
受影响系统:
Dug Song dsniff 2.3不受影响系统:
Rafal Wojtczuk Libnids 1.17
Rafal Wojtczuk Libnids 1.14
Rafal Wojtczuk Libnids 1.13
Rafal Wojtczuk Libnids 1.12
Rafal Wojtczuk Libnids 1.11
Rafal Wojtczuk Libnids 1.16
- Conectiva Linux 9.0
- Conectiva Linux 8.0
- Conectiva Linux 7.0
Rafal Wojtczuk Libnids 1.18描述:
BUGTRAQ ID: 8905
CVE(CAN) ID: CVE-2003-0850
Libnids是一款NIDS功能实现库。
Libnids在处理TCP重组的时候缺少正确的缓冲区边界检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击。
Libnids提供IP分片,TCP流重组和端口扫描检测等功能,Libnids在处理过大的TCP包时存在问题,可导致发送恶意TCP包使使用Libnids TCP包重组功能的应用程序崩溃,精心提供恶意数据可能以应用程序进程在系统上执行任意指令。
<*来源:Robert Watson (rwatson@FreeBSD.org)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=106728224210446&w=2
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000773
*>
建议:
厂商补丁:
Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2003:773)以及相应补丁:
CLA-2003:773:libnids
链接:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000773
补丁下载:
Conectiva Upgrade libnids-1.18-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libnids-1.18-1U70_1cl.i386.rpm
Conectiva Upgrade libnids-devel-1.18-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libnids-devel-1.18-1U70_1cl.i386.rpm
Conectiva Upgrade libnids-devel-static-1.18-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libnids-devel-static-1.18-1U70_1cl.i386.rpm
Conectiva Upgrade libnids-1.18-1U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/libnids-1.18-1U80_1cl.i386.rpm
Conectiva Upgrade libnids-devel-1.18-1U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/libnids-devel-1.18-1U80_1cl.i386.rpm
Conectiva Upgrade libnids-devel-static-1.18-1U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/libnids-devel-static-1.18-1U80_1cl.i386.rpm
Conectiva Upgrade libnids-1.18-8448U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libnids-1.18-8448U90_1cl.i386.rpm
Conectiva Upgrade libnids-devel-1.18-8448U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libnids-devel-1.18-8448U90_1cl.i386.rpm
Conectiva Upgrade libnids-devel-static-1.18-8448U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/libnids-devel-static-1.18-8448U90_1cl.i386.rpm
Dug Song dsniff 2.3:
Conectiva Upgrade dsniff-2.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/dsniff-2.3-4U70_1cl.i386.rpm
Conectiva Upgrade dsniff-2.3-7U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/dsniff-2.3-7U80_1cl.i386.rpm
Conectiva Upgrade dsniff-webspy-2.3-7U80_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/dsniff-webspy-2.3-7U80_1cl.i386.rpm
Conectiva Upgrade dsniff-2.3-24591U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/dsniff-2.3-24591U90_1cl.i386.rpm
Conectiva Upgrade dsniff-webspy-2.3-24591U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/dsniff-webspy-2.3-24591U90_1cl.i386.rpm
Rafal Wojtczuk
--------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Rafal Wojtczuk Upgrade Libnids 1.18
https://sourceforge.net/project/showfiles.php?group_id=92215
浏览次数:3272
严重程度:0(网友投票)
绿盟科技给您安全的保障