TCPDump Memory Corruption Vulnerability


Published: 2002-12-11
Updated: 2002-12-11
Severity:
Threat level: local denial of service
Error type: boundary check error
Exploitation method: client mode

BUGTRAQ ID: 6213

Affected Systems
LBL tcpdump 3.4 a6
   +S.u.S.E. Firewall Adminhost VPN
   +S.u.S.E. Linux 6.4
   +S.u.S.E. Linux 7.0
   +S.u.S.E. Linux 7.1
   +S.u.S.E. Linux 7.2
   +S.u.S.E. Linux Admin-CD for Firewall
   +S.u.S.E. Linux Connectivity Server
   +S.u.S.E. Linux Database Server
   +S.u.S.E. Linux Enterprise Server 7
   +S.u.S.E. Linux Enterprise Server for S/390
   +S.u.S.E. Linux Live-CD for Firewall
   +S.u.S.E. SuSE eMail Server III
LBL tcpdump 3.4
   +Debian Linux 2.2
   +Debian Linux 2.2 68k
   +Debian Linux 2.2 alpha
   +Debian Linux 2.2 arm
   +Debian Linux 2.2 powerpc
   +Debian Linux 2.2 sparc
   +RedHat Linux 6.2 alpha
   +RedHat Linux 6.2 i386
   +RedHat Linux 6.2 sparc
   +RedHat Linux 7.0 alpha
   +RedHat Linux 7.0 i386
   +RedHat Linux 7.1 alpha
   +RedHat Linux 7.1 i386
   +RedHat Linux 7.1 ia64
LBL tcpdump 3.5
   +FreeBSD FreeBSD 3.x
   +FreeBSD FreeBSD 4.0
   +FreeBSD FreeBSD 4.1
   +FreeBSD FreeBSD 4.1.1
   +S.u.S.E. Linux 7.3
   +S.u.S.E. Linux 8.0
LBL tcpdump 3.5.2
LBL tcpdump 3.6.2
   +Caldera OpenLinux Server 3.1
   +Caldera OpenLinux Server 3.1.1
   +Caldera OpenLinux Workstation 3.1
   +Caldera OpenLinux Workstation 3.1.1
   +Conectiva Linux 5.0
   +Conectiva Linux 5.1
   +Conectiva Linux 6.0
   +Conectiva Linux 7.0
   +Conectiva Linux 8.0
   +FreeBSD FreeBSD 4.0
   +FreeBSD FreeBSD 4.1
   +FreeBSD FreeBSD 4.1.1
   +FreeBSD FreeBSD 4.2
   +FreeBSD FreeBSD 4.3
   +HP Secure OS software for Linux 1.0
   +MandrakeSoft Corporate Server 1.0.1
   +MandrakeSoft Linux Mandrake 7.1
   +MandrakeSoft Linux Mandrake 7.2
   +MandrakeSoft Linux Mandrake 8.0
   +MandrakeSoft Linux Mandrake 8.1
   +MandrakeSoft Linux Mandrake 8.2
   +MandrakeSoft Single Network Firewall 7.2
   +RedHat Linux 6.2 alpha
   +RedHat Linux 6.2 i386
   +RedHat Linux 6.2 sparc
   +RedHat Linux 7.0 alpha
   +RedHat Linux 7.0 i386
   +RedHat Linux 7.1 alpha
   +RedHat Linux 7.1 i386
   +RedHat Linux 7.1 ia64
   +RedHat Linux 7.2 i386
   +RedHat Linux 7.2 ia64
   +Trustix Secure Linux 1.1
   +Trustix Secure Linux 1.2
   +Trustix Secure Linux 1.5
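Description
tcpdump contains an operational error that leads to memory corruption. An attacker may exploit this vulnerability to cause a denial of service or even execute arbitrary code.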

Test Code


Solution
LBL tcpdump 3.4 a6:
LBL tcpdump 3.4:
     Debian Upgrade tcpdump_3.6.2-2.2_alpha.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_alpha.deb
     Debian Upgrade tcpdump_3.6.2-2.2_arm.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_arm.deb
     Debian Upgrade tcpdump_3.6.2-2.2_hppa.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_hppa.deb
     Debian Upgrade tcpdump_3.6.2-2.2_i386.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_i386.deb
     Debian Upgrade tcpdump_3.6.2-2.2_ia64.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_ia64.deb
     Debian Upgrade tcpdump_3.6.2-2.2_m68k.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_m68k.deb
     Debian Upgrade tcpdump_3.6.2-2.2_mips.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_mips.deb
     Debian Upgrade tcpdump_3.6.2-2.2_powerpc.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_powerpc.deb
     Debian Upgrade tcpdump_3.6.2-2.2_s390.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_s390.deb
     Debian Upgrade tcpdump_3.6.2-2.2_sparc.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_sparc.deb
LBL tcpdump 3.5:
LBL tcpdump 3.5.2:
     SCO RPM tcpdump-3.6.2-4.i386.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-050.0/RPMS/tcpdump-3.6.2-4.i386.rpm
     SCO RPM tcpdump-3.6.2-4.src.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-050.0/SRPMS/tcpdump-3.6.2-4.src.rpm
     SCO RPM tcpdump-3.6.2-4.i386.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-050.0/RPMS/tcpdump-3.6.2-4.i386.rpm
     SCO RPM tcpdump-3.6.2-4.src.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-050.0/SRPMS/tcpdump-3.6.2-4.src.rpm
     SCO RPM tcpdump-3.6.2-4.i386.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-050.0/RPMS/tcpdump-3.6.2-4.i386.rpm
     SCO RPM tcpdump-3.6.2-4.src.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-050.0/SRPMS/tcpdump-3.6.2-4.src.rpm
     SCO RPM tcpdump-3.6.2-4.i386.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-50.0/RPMS/tcpdump-3.6.2-4.i386.rpm
     SCO RPM tcpdump-3.6.2-4.src.rpm
     ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-050.0/SRPMS/tcpdump-3.6.2-4.src.rpm
LBL tcpdump 3.6.2:

Related Information
References: http://online.securityfocus.com/advisories/4705
            http://online.securityfocus.com/advisories/4762