Cisco IOS Service Assurance Agent恶意包拒绝服务漏洞发布时间:2003-05-15 更新时间:2003-05-15 严重程度:高 威胁程度:远程拒绝服务 错误类型:意外情况处置错误 利用方式:服务器模式 BUGTRAQ ID:7607 受影响系统 Cisco 1000详细描述 Cisco IOS在处理Service Assurance Agent包的时候存在漏洞。远程攻击者可以利用这个漏洞对路由器进行拒绝服务攻击。 解决方案 使用如下命令关闭RTR: Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no rtr responder Router(config)#exit Router#copy running-config startup-config 或设置规则过滤来自不信任网络到UDP 1967的端口: Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#access-list 101 deny udp any any eq 1967 Router(config)#interface eth0 Router(config)#ip access-group 101 in Cisco IOS 12.0 XE: Cisco Upgrade IOS 12.2 Cisco IOS 12.0 WC: Cisco Upgrade IOS 12.0(5)WCa http://www.cisco.com/ Cisco IOS 12.0 SY: Cisco Upgrade IOS 12.0(22)SY http://www.cisco.com/ Cisco IOS 12.0 ST: Cisco Upgrade IOS 12.0(19)ST5 Cisco Upgrade IOS 12.0(21)ST2 Cisco IOS 12.0 SL: Cisco Upgrade IOS 12.0ST Cisco Upgrade IOS 12.0S Cisco IOS 12.0 SC: Cisco Upgrade IOS 12.1EC Cisco IOS 12.0 S: Cisco Upgrade IOS 12.0(21)S3 Cisco IOS 12.1 YC: Cisco Upgrade IOS 12.1(4)T http://www.cisco.com/ Cisco IOS 12.1 YB: Cisco Upgrade IOS 12.1(2)T http://www.cisco.com/ Cisco IOS 12.1 XG: Cisco Upgrade IOS 12.2 Cisco Upgrade IOS 12.1(1)T http://www.cisco.com/ Cisco IOS 12.1 XF: Cisco Upgrade IOS 12.2 Cisco IOS 12.1 EX: Cisco Upgrade IOS 12.1(11b)EX http://www.cisco.com/ Cisco IOS 12.1 EW: Cisco Upgrade IOS 12.1(11b)EW(0.46) http://www.cisco.com/ Cisco Upgrade IOS 12.1(11b)EW http://www.cisco.com/ Cisco IOS 12.1 EC: Cisco Upgrade IOS 12.1(12c)EC http://www.cisco.com/ Cisco IOS 12.1 EA: Cisco Upgrade IOS 12.1(8)EA1c http://www.cisco.com/ Cisco IOS 12.1 E: Cisco Upgrade IOS 12.1(13)E http://www.cisco.com/ Cisco IOS 12.1: Cisco Upgrade IOS 12.1(18) Cisco IOS 12.2 YH: Cisco Upgrade IOS 12.2(4)YH http://www.cisco.com/tac Cisco IOS 12.2 YG: Cisco Upgrade IOS 12.2(4)YG http://www.cisco.com/tac Cisco IOS 12.2 YC: Cisco Upgrade IOS 12.2(4)YC4 http://www.cisco.com/tac Cisco IOS 12.2 YA: Cisco Upgrade IOS 12.2(4)YA3 http://www.cisco.com/tac Cisco IOS 12.2 XL: Cisco Upgrade IOS 12.2(4)XL5 http://www.cisco.com/tac Cisco IOS 12.2 XK: Cisco Upgrade IOS 12.2(2)XK3 http://www.cisco.com/tac Cisco IOS 12.2 XC: Cisco Upgrade IOS 12.2(1a)XC5 http://www.cisco.com/tac Cisco IOS 12.2 S: Cisco Upgrade IOS 12.2(11.1)S http://www.cisco.com/tac Cisco IOS 12.2 MB: Cisco Upgrade IOS 12.2(4)MB5 http://www.cisco.com/tac Cisco IOS 12.2 DA: Cisco Upgrade IOS 12.2(12)DA http://www.cisco.com/tac Cisco IOS 12.2 BZ: Cisco Upgrade IOS 12.2(15)BZ http://www.cisco.com/tac Cisco IOS 12.2 (4)B: Cisco Upgrade IOS 12.2(13.3)B http://www.cisco.com/tac Cisco IOS 12.2: Cisco Upgrade IOS 12.2(10) http://www.cisco.com/tac 相关信息 http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml |
