TCPDUMP畸形RADIUS数据包拒绝服务攻击漏洞

发布时间：2003-03-26
更新时间：2003-03-26
严重程度：高
威胁程度：远程拒绝服务
错误类型：设计错误
利用方式：服务器模式

BUGTRAQ ID：7090

受影响系统

LBL tcpdump 3.5.2
LBL tcpdump 3.6.2
   +Caldera OpenLinux Server 3.1
   +Caldera OpenLinux Server 3.1.1
   +Caldera OpenLinux Workstation 3.1
   +Caldera OpenLinux Workstation 3.1.1
   +Conectiva Linux 5.0
   +Conectiva Linux 5.1
   +Conectiva Linux 6.0
   +Conectiva Linux 7.0
   +Conectiva Linux 8.0
   +Debian Linux 3.0
   +Debian Linux 3.0 alpha
   +Debian Linux 3.0 arm
   +Debian Linux 3.0 hppa
   +Debian Linux 3.0 ia-32
   +Debian Linux 3.0 ia-64
   +Debian Linux 3.0 m68k
   +Debian Linux 3.0 mips
   +Debian Linux 3.0 mipsel
   +Debian Linux 3.0 ppc
   +Debian Linux 3.0 s/390
   +Debian Linux 3.0 sparc
   +FreeBSD FreeBSD 4.0
   +FreeBSD FreeBSD 4.1
   +FreeBSD FreeBSD 4.1.1
   +FreeBSD FreeBSD 4.2
   +FreeBSD FreeBSD 4.3
   +HP Secure OS software for Linux 1.0
   +MandrakeSoft Corporate Server 1.0.1
   +MandrakeSoft Linux Mandrake 7.1
   +MandrakeSoft Linux Mandrake 7.2
   +MandrakeSoft Linux Mandrake 8.0
   +MandrakeSoft Linux Mandrake 8.1
   +MandrakeSoft Linux Mandrake 8.2
   +MandrakeSoft Single Network Firewall 7.2
   +RedHat Linux 6.2 alpha
   +RedHat Linux 6.2 i386
   +RedHat Linux 6.2 sparc
   +RedHat Linux 7.0 alpha
   +RedHat Linux 7.0 i386
   +RedHat Linux 7.1 alpha
   +RedHat Linux 7.1 i386
   +RedHat Linux 7.1 ia64
   +RedHat Linux 7.2 i386
   +RedHat Linux 7.2 ia64
   +S.u.S.E. Linux 8.0
   +Trustix Secure Linux 1.1
   +Trustix Secure Linux 1.2
   +Trustix Secure Linux 1.5
LBL tcpdump 3.7
   +FreeBSD FreeBSD 4.2
   +FreeBSD FreeBSD 4.2 -RELEASE
   +FreeBSD FreeBSD 4.2 -STABLE
   +FreeBSD FreeBSD 4.3
   +FreeBSD FreeBSD 4.3 -RELEASE
   +FreeBSD FreeBSD 4.3 -RELENG
   +FreeBSD FreeBSD 4.3 -STABLE
   +FreeBSD FreeBSD 4.4
   +FreeBSD FreeBSD 4.4 -RELENG
   +FreeBSD FreeBSD 4.4 -STABLE
   +FreeBSD FreeBSD 4.5
   +FreeBSD FreeBSD 4.5 -RELEASE
   +FreeBSD FreeBSD 4.5 -STABLE
   +FreeBSD FreeBSD 4.6
   +FreeBSD FreeBSD 4.6 -RELEASE
LBL tcpdump 3.7.1
   +Gentoo Linux 1.4 _rc1
   +Gentoo Linux 1.4 _rc2
   +S.u.S.E. Linux 8.1

详细描述
TCPDUMP流行的网络数据包嗅探和分析工具，tcpdump解码分析数据包时存在漏洞，向运行了有问题tcpdump的主机发送一个畸形的数据包，会导致tcpdump在收到包以后忽略网络流量，从而造成拒绝服务攻击。

解决方案
厂商已经在新版本的软件中修补了此漏洞：

LBL tcpdump 3.5.2:
LBL tcpdump 3.6.2:
     Debian Upgrade tcpdump_3.6.2-2.4_sparc.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_sparc.deb
     Debian Upgrade tcpdump_3.6.2-2.4_s390.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_s390.deb
     Debian Upgrade tcpdump_3.6.2-2.4_powerpc.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_powerpc.deb
     Debian Upgrade tcpdump_3.6.2-2.4_mipsel.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_mipsel.deb
     Debian Upgrade tcpdump_3.6.2-2.4_mips.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_mips.deb
     Debian Upgrade tcpdump_3.6.2-2.4_m68k.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_m68k.deb
     Debian Upgrade tcpdump_3.6.2-2.4_hppa.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_hppa.deb
     Debian Upgrade tcpdump_3.6.2-2.4_ia64.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_ia64.deb
     Debian Upgrade tcpdump_3.6.2-2.4_i386.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_i386.deb
     Debian Upgrade tcpdump_3.6.2-2.4_arm.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_arm.deb
     Debian Upgrade tcpdump_3.6.2-2.4_alpha.deb
     http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_alpha.deb

相关信息
DSA 261-1: tcpdump
http://online.securityfocus.com/advisories/5093

最近严重漏洞

TCPDUMP畸形RADIUS数据包拒绝服务攻击漏洞