OpenSSL SSLv2 Client NULL Pointer Dereference Denial of Service Vulnerability

Published: 2006-09-26
Updated: 2006-11-29

Affected systems:
FreeBSD FreeBSD 6.1
FreeBSD FreeBSD 6.0
FreeBSD FreeBSD 5.5
FreeBSD FreeBSD 5.4
FreeBSD FreeBSD 5.3
FreeBSD FreeBSD 4.11
OpenSSL Project OpenSSL < 0.9.8d
OpenSSL Project OpenSSL < 0.9.7l
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop 4
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1
Unaffected systems:
OpenSSL Project OpenSSL 0.9.8d
OpenSSL Project OpenSSL 0.9.7l
Description:
BUGTRAQ  ID: 20246
CVE(CAN) ID: CVE-2006-4343

OpenSSL is an open-source SSL implementation that provides strong encryption for network communication and is widely used in network applications.

OpenSSL's protocol implementation has a flaw in its handling of connection setup; a remote attacker can exploit it to cause a denial of service.

The get_server_hello() function in the SSLv2 client code does not check a pointer for NULL before using it. An affected client built on OpenSSL that opens an SSLv2 connection to a malicious server crashes.
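The failure mode described above, as an added illustration that is not OpenSSL's code and does not reproduce the real get_server_hello() logic: a constructed client-side parser for a simplified server-hello record, in which a table lookup of the server's chosen cipher returns NULL for an unknown id. The unchecked variant dereferences that result and crashes on a hostile record; the checked variant treats a NULL lookup and inconsistent lengths as protocol errors and rejects the connection. The record layout, cipher table, ids and sample bytes are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed cipher table; ids and names are placeholders, not SSLv2 codes. */
struct cipher {
    uint16_t    id;
    const char *name;
    size_t      key_bytes;
};

static const struct cipher CIPHERS[] = {
    { 0x0001, "CONSTRUCTED-CIPHER-A", 16 },
    { 0x0002, "CONSTRUCTED-CIPHER-B", 24 },
};

/* Returns NULL for an id the client does not know; the bug class is callers
 * that forget this return value can be NULL. */
static const struct cipher *lookup_cipher(uint16_t id)
{
    for (size_t i = 0; i < sizeof CIPHERS / sizeof CIPHERS[0]; i++)
        if (CIPHERS[i].id == id)
            return &CIPHERS[i];
    return NULL;
}

/* Simplified, constructed record layout (big-endian fields):
 *   [type:1][version:2][cipher_id:2][cert_len:2][cert:cert_len] */
#define HELLO_TYPE     0x04
#define HELLO_HDR_LEN  7

struct server_hello {
    uint16_t             version;
    const struct cipher *cipher;
    const uint8_t       *cert;
    size_t               cert_len;
};

enum hello_status {
    HELLO_OK           =  0,
    HELLO_ERR_SHORT    = -1,  /* fewer bytes than the fixed header */
    HELLO_ERR_TYPE     = -2,  /* not a server-hello record */
    HELLO_ERR_CIPHER   = -3,  /* server named a cipher we do not know */
    HELLO_ERR_CERT_LEN = -4   /* cert_len runs past the end of the buffer */
};

static uint16_t be16(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* VULNERABLE pattern: uses the lookup result without a NULL check. An unknown
 * cipher id makes the client dereference NULL and crash (client-side DoS). */
static size_t parse_hello_unchecked(const uint8_t *buf, struct server_hello *out)
{
    out->version  = be16(buf + 1);
    out->cipher   = lookup_cipher(be16(buf + 3));
    out->cert_len = be16(buf + 5);
    out->cert     = buf + HELLO_HDR_LEN;
    return out->cipher->key_bytes;  /* NULL dereference when cipher is unknown */
}

/* HARDENED pattern: bound every read by the buffer length and treat a NULL
 * lookup result as a protocol error that closes the connection cleanly. */
static int parse_hello_checked(const uint8_t *buf, size_t len, struct server_hello *out)
{
    if (buf == NULL || out == NULL || len < HELLO_HDR_LEN)
        return HELLO_ERR_SHORT;
    if (buf[0] != HELLO_TYPE)
        return HELLO_ERR_TYPE;

    const struct cipher *c = lookup_cipher(be16(buf + 3));
    if (c == NULL)
        return HELLO_ERR_CIPHER;  /* reject instead of dereferencing */

    size_t cert_len = be16(buf + 5);
    if (cert_len > len - HELLO_HDR_LEN)
        return HELLO_ERR_CERT_LEN;

    out->version  = be16(buf + 1);
    out->cipher   = c;
    out->cert_len = cert_len;
    out->cert     = buf + HELLO_HDR_LEN;
    return HELLO_OK;
}

/* Helpers returning plain values: parse status, and key size (0 on rejection). */
static int hello_status(const uint8_t *buf, size_t len)
{
    struct server_hello h;
    return parse_hello_checked(buf, len, &h);
}

static size_t hello_key_bytes(const uint8_t *buf, size_t len)
{
    struct server_hello h;
    return parse_hello_checked(buf, len, &h) == HELLO_OK ? h.cipher->key_bytes : 0;
}

/* Constructed sample records (not captured traffic). */
static const uint8_t SAMPLE_GOOD[]    = { 0x04, 0x00,0x02, 0x00,0x01, 0x00,0x03, 0xAA,0xBB,0xCC };
static const uint8_t SAMPLE_BADCIPH[] = { 0x04, 0x00,0x02, 0x00,0x99, 0x00,0x00 };
static const uint8_t SAMPLE_BADLEN[]  = { 0x04, 0x00,0x02, 0x00,0x01, 0xFF,0xFF, 0xAA };
static const uint8_t SAMPLE_BADTYPE[] = { 0x01, 0x00,0x02, 0x00,0x01, 0x00,0x00 };
static const uint8_t SAMPLE_SHORT[]   = { 0x04, 0x00 };

int main(void)
{
    struct server_hello h;
    /* Only the known-good record is safe to feed to the unchecked parser. */
    printf("unchecked parser, good record: key_bytes=%zu\n",
           parse_hello_unchecked(SAMPLE_GOOD, &h));
    printf("checked parser: good=%d unknown-cipher=%d bad-len=%d bad-type=%d short=%d\n",
           hello_status(SAMPLE_GOOD, sizeof SAMPLE_GOOD),
           hello_status(SAMPLE_BADCIPH, sizeof SAMPLE_BADCIPH),
           hello_status(SAMPLE_BADLEN, sizeof SAMPLE_BADLEN),
           hello_status(SAMPLE_BADTYPE, sizeof SAMPLE_BADTYPE),
           hello_status(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    return 0;
}
```

The defensive point is the order of checks in parse_hello_checked(): nothing the peer controls (the cipher id, the certificate length) is used until it has been validated, and each rejection returns a distinct error so a client can log which field of the server's message was malformed rather than simply dying.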

<*Source: Tavis Ormandy (taviso@gentoo.org)
          Will Drewry (wad@google.com)

  Links:  http://www.kb.cert.org/vuls/id/386964
        http://www.openssl.org/news/secadv_20060928.txt
        http://secunia.com/advisories/22799/
        http://secunia.com/advisories/22758/
        http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
        http://docs.info.apple.com/article.html?artnum=304829
        http://secunia.com/advisories/23155/
        http://lwn.net/Alerts/201933
        http://www.debian.org/security/2006/dsa-1185
        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:23.openssl.asc
        http://www.us-cert.gov/cas/techalerts/TA06-333A.html
        http://www.debian.org/security/2006/dsa-1195
        http://security.gentoo.org/glsa/glsa-200610-11.xml
        ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102668-1
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102711-1
*>

Recommendations:
Vendor patches:

Debian
------
Debian has released a security advisory (DSA-1185-1) and the corresponding patches:
DSA-1185-1: New openssl packages fix denial of service
Link: http://www.debian.org/security/2006/dsa-1185

Patch download:

Source archives:

http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3.dsc
Size/MD5 checksum:      639 fbf460591348b14103a3819d23164aee
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3.diff.gz
Size/MD5 checksum:    29882 25e5c57ee6c86d1e4cc335937040f251
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz
Size/MD5 checksum:  3043231 a8777164bca38d84e5eb2b1535223474

Alpha architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_alpha.deb
Size/MD5 checksum:  3341810 73ef8e1cafbfd142a903bd93535a2428
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_alpha.deb
Size/MD5 checksum:  2448006 b42d228cd1cb48024b25f5bd7c6724b8
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_alpha.deb
Size/MD5 checksum:   930188 b0b9a46a47a1992ed455f993b6007450

AMD64 architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_amd64.deb
Size/MD5 checksum:  2693668 7a6d9f9ad43192bcfe9ed22bd4c227cb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_amd64.deb
Size/MD5 checksum:   703308 239e07d0029b78d339da49ea8dacb554
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_amd64.deb
Size/MD5 checksum:   903744 de3413bf58707040d19a606311548ec7

ARM architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_arm.deb
Size/MD5 checksum:  2556374 4f3d5a82ab27e46f6174616dd2f0818c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_arm.deb
Size/MD5 checksum:   690118 80812ffefacc7d9800ce5286909aa815
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_arm.deb
Size/MD5 checksum:   894114 053579483c0d83c11a4b15ade5e09d3b

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_hppa.deb
Size/MD5 checksum:  2695876 bee86edc3db3ac76a32efb84b1a1cfab
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_hppa.deb
Size/MD5 checksum:   791316 5dfd66672700232356a26258a76bcffa
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_hppa.deb
Size/MD5 checksum:   914574 bc996d3cd86b18090ee4c2f3f31dbdbc

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_i386.deb
Size/MD5 checksum:  2553694 ceea98c69ca44649ee2c98cff0364e4b
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_i386.deb
Size/MD5 checksum:  2264996 111668559caa8ea95ad3100af67e163e
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_i386.deb
Size/MD5 checksum:   902750 39b743a6a47517245c3fba9289c86ddf

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_ia64.deb
Size/MD5 checksum:  3396192 54868b4f5c27f5dc0a65b82594aa8bb0
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_ia64.deb
Size/MD5 checksum:  1038386 7fcec764f3b3d3ee53588791f7588ad9
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_ia64.deb
Size/MD5 checksum:   975118 18239f1932f399df0396e81a1e57e5e3

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_m68k.deb
Size/MD5 checksum:  2317346 cf221d4a25c8913c1183078f1974b46b
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_m68k.deb
Size/MD5 checksum:   661672 1a1e72d032cbd37400a65ef7ddf9af6d
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_m68k.deb
Size/MD5 checksum:   889874 6eaaf9b7b9651b37437b78d7a95a562a

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_mips.deb
Size/MD5 checksum:  2779474 383cc3f4bd2c75515e415c48fc6c66eb
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_mips.deb
Size/MD5 checksum:   706660 aaa773471c553fd971b3158e35ceb675
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_mips.deb
Size/MD5 checksum:   896780 21c648b8e817ce098d9d85f311163e34

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_mipsel.deb
Size/MD5 checksum:  2767338 bc2e40477ad28b1eedb69e6542b1ab08
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_mipsel.deb
Size/MD5 checksum:   694486 8c31bcea415ae3d725844e45a733d7fe
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_mipsel.deb
Size/MD5 checksum:   895860 8af869dc9a903f8a226d33cdcffc7eab

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_powerpc.deb
Size/MD5 checksum:  2775400 91f923d2f4f3938ef8a786b291865f0a
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_powerpc.deb
Size/MD5 checksum:   779452 3b094894ca6d75b7c86684c7cd62f5bf
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_powerpc.deb
Size/MD5 checksum:   908316 b93dffc572d91d9e4154b73c57b41e88

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_s390.deb
Size/MD5 checksum:  2717840 a96fb19009ddc10b1901f34e232109ae
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_s390.deb
Size/MD5 checksum:   813968 1cf6dbddb023dfe8c55d30d19bc0ff57
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_s390.deb
Size/MD5 checksum:   918504 73d2f71ec2c8ebd4cc3f481096202664

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge3_sparc.deb
Size/MD5 checksum:  2630560 059abd03c994e3d6851f38f6f7dd5446
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge3_sparc.deb
Size/MD5 checksum:  1886038 4900a7af6cbef9e37c902a3c14ac33ac
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge3_sparc.deb
Size/MD5 checksum:   924472 27f194ff2250fc91d0375c02d6686272

Patch installation:

1. Install the patch package manually:

  First, download the patch package with:
  # wget url  (url is the patch download link)

  Then install it with:
  # dpkg -i file.deb (file is the name of the downloaded package)

2. Install the patch package automatically with apt-get:

   First, refresh the local package database:
   # apt-get update

   Then install the updated packages:
   # apt-get upgrade

FreeBSD
-------
FreeBSD has released a security advisory (FreeBSD-SA-06:23) and the corresponding patches:
FreeBSD-SA-06:23: Multiple problems in crypto(3)
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:23.openssl.asc

Patch download:

Perform one of the following:

1) Upgrade the vulnerable system to 4-STABLE, 5-STABLE or 6-STABLE, or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3 or RELENG_4_11 security branch dated after the correction date.

2) Patch the current system:

The following patch has been verified to apply to FreeBSD 4.11, 5.3, 5.4, 5.5, 6.0 and 6.1.

a) Download the patch from the location below and verify the detached PGP signature with a PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch
# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system and reboot as described in <URL: http://www.freebsd.org/handbook/makeworld.html>.

OpenSSL Project
---------------
The vendor has released upgrades that fix this issue; download them from the vendor's site:

http://www.openssl.org/source/openssl-0.9.7l.tar.gz
http://www.openssl.org/source/openssl-0.9.8d.tar.gz

RedHat
------
Red Hat has released a security advisory (RHSA-2006:0695-01) and the corresponding patches:
RHSA-2006:0695-01: Important: openssl security update
Link: http://lwn.net/Alerts/201933

SGI
---
Link: ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc

Sun
---
Sun has released a security advisory (Sun-Alert-102711) and the corresponding patches:
Sun-Alert-102711: Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications or Execution of Arbitrary Code With Elevated Privileges
Link: http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102711-1

Gentoo
------
Gentoo has released a security advisory (GLSA-200610-11) and the corresponding patches:
GLSA-200610-11: OpenSSL: Multiple vulnerabilities
Link: http://security.gentoo.org/glsa/glsa-200610-11.xml

This vulnerability advisory was translated and compiled by NSFOCUS (绿盟科技). All rights reserved; reproduction without permission is prohibited.