xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

Squid Cache SNMP 存在拒绝服务攻击


发布时间:2002-02-25
更新时间:2002-02-25
严重程度:
威胁程度:远程拒绝服务
错误类型:意外情况处置错误
利用方式:服务器模式

BUGTRAQ ID:4146

受影响系统
National Science Foundation Squid Web Proxy 2.0
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 2.2
   - RedHat Linux 5.2 alpha
   - RedHat Linux 5.2 i386
   - RedHat Linux 5.2 sparc
   - RedHat Linux 6.0 alpha
   - RedHat Linux 6.0 i386
   - RedHat Linux 6.0 sparc
National Science Foundation Squid Web Proxy 2.3
National Science Foundation Squid Web Proxy 2.4STABLE3
National Science Foundation Squid Web Proxy 2.4STABLE2
National Science Foundation Squid Web Proxy 2.4STABLE1
   + MandrakeSoft Linux Mandrake 8.1
   + RedHat Linux 7.2
   - S.u.S.E. Linux 7.2
National Science Foundation Squid Web Proxy 2.4
   + FreeBSD FreeBSD 4.4
   + FreeBSD FreeBSD 4.5
   + FreeBSD FreeBSD 5.0
   + Trustix Secure Linux 1.1
   + Trustix Secure Linux 1.2
   + Trustix Secure Linux 1.5
详细描述
在Squid代理服务器中的SNMP实现存在内存泄露漏洞。

远程攻击者可以通过持续传输不正常的SNMP信息而导致进程消耗可允许使用资源,
如果资源没有针对SQUID进程进行限制,就可以造成整个系统崩溃。

要利用这个漏洞,SQUID SNMP接口必须激活,然后攻击者需要发送信息到SNMP端口。

测试代码
尚无

解决方案
补丁如下:

National Science Foundation Squid Web Proxy 2.0:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.1:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.2:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.3:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.4STABLE3:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.4STABLE2:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.4STABLE1:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

National Science Foundation Squid Web Proxy 2.4:

National Science Foundation Upgrade squid-2.4.STABLE4-src.tar.gz
http://www.squid-cache.org/Versions/v2/2.4/squid-2.4.STABLE4-src.tar.gz

FreeBSD Upgrade squid-2.4_8.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/www/squid-2.4_8.tgz
For version included in ports for FreeBSD 4.x.

FreeBSD Upgrade squid-2.4_8.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/www/squid-2.4_8.tgz
For version included in ports for FreeBSD 5.0.

相关信息
Jouko Pynnonen <jouko@solutions.fi>
参考:http://online.securityfocus.com/advisories/3886
相关主页:http://online.securityfocus.com/archive/1/257370
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved