Rational ClearCase端口扫描导致拒绝服务攻击

发布时间：2002-12-01
更新时间：2002-12-01
严重程度：高
威胁程度：远程拒绝服务
错误类型：意外情况处置错误
利用方式：物理接触

BUGTRAQ ID：6228

受影响系统

Rational Software ClearCase  2002.05
Rational Software ClearCase 4.1
   - Caldera OpenUnix 8.0
   - Caldera UnixWare  7
   - Compaq Tru64 5.0
   - Compaq Tru64 5.0 a
   - Compaq Tru64 5.0 f
   - Compaq Tru64 5.1
   - Compaq Tru64 5.1 a
   - HP HP-UX 10.20
   - HP HP-UX 11.0
   - HP HP-UX 11.11
   - IBM AIX 4.3
   - IBM AIX 4.3.1
   - IBM AIX 4.3.2
   - IBM AIX 4.3.3
   - IBM AIX 5.1
   - RedHat Linux 6.2  alpha
   - RedHat Linux 6.2  i386
   - RedHat Linux 6.2  sparc
   - RedHat Linux 7.0  alpha
   - RedHat Linux 7.0  i386
   - RedHat Linux 7.0  sparc
   - RedHat Linux 7.1  alpha
   - RedHat Linux 7.1  i386
   - RedHat Linux 7.2  i386
   - SGI IRIX 6.5.11 m
   - SGI IRIX 6.5.12
   - SGI IRIX 6.5.12 f
   - SGI IRIX 6.5.12 m
   - SGI IRIX 6.5.13
   - SGI IRIX 6.5.13 f
   - SGI IRIX 6.5.13 m
   - Siemens Reliant UNIX 5.43
   - Siemens Reliant UNIX 5.44
   - Siemens Reliant UNIX 5.45
   - Sun Solaris 2.6
   - Sun Solaris 2.6 _x86
   - Sun Solaris 7.0
   - Sun Solaris 7.0 _x86
   - Sun Solaris 8.0
   - Sun Solaris 8.0 _x86

详细描述
Rational ClearCase据报告易受拒绝服务攻击。对于有问题的ClearCase软件，如果对其进行连续两次的端口扫描，会使其发生崩溃，必须重启程序才能使其恢复功能。

测试代码
nmap -vvv -O -sT ip.of.clearcase.system
nmap -vvv -O -sT -p 371 ip.of.clearcase.system

解决方案
Rational Software ClearCase 2002.05:
Rational Patch clearcase_p2002.05.00-12.sun5.tar.gz
http://www.rational.com/techsupport/clearcase/tech/patchlink/new/clearcase/2002.05.00/clearcase_p2002.05.00-12/clearcase_p2002.05.00-12.sun5.tar.gz

Rational Patch clearcase_p2002.05.00-16
http://www.rational.com/techsupport/clearcase/tech/patchlink/new/clearcase/2002.05.00/clearcase_p2002.05.00-16/

Rational Patch clearcase_p2002.05.00-15
http://www.rational.com/techsupport/clearcase/tech/patchlink/new/clearcase/2002.05.00/clearcase_p2002.05.00-15/

相关信息
Stefan Bagdohn and Marek Rouchal

最近严重漏洞

Rational ClearCase端口扫描导致拒绝服务攻击