NSFOCUS Security Monthly -> Issue 29 -> Latest Vulnerabilities
Vulnerabilities in SNMPv1 Request Handling in Multiple Vendors' SNMP Implementations

Date: 2002-03-18

Affected systems:
Caldera Open Server 5.0
Caldera OpenUnix 8.0
Caldera UnixWare 7.1.1
Caldera UnixWare 7.1.0
Caldera UnixWare 7
HP EMS A.03.20
HP EMS A.03.10
HP EMS A.03.00
HP HP-UX 11.20
HP HP-UX 11.11
HP HP-UX 11.0
HP HP-UX 10.20
HP HP-UX 10.10
HP HP-UX 10.0
HP HP-UX (VVOS) 11.04
HP HP-UX (VVOS) 10.24
HP JetDirect x.20.00
HP JetDirect x.20.00
HP JetDirect x.08.00
HP JetDirect x.08.00
HP MPE/iX 6.5
HP MPE/iX 6.0
HP MPE/iX 5.5
HP MPE/iX 5.0
HP MPE/iX 4.5
HP MPE/iX 4.0
HP OpenView Network Node Manager 6.2 Solaris
HP OpenView Network Node Manager 6.2 NT 4.X/Windows 2000
HP OpenView Network Node Manager 6.2 HP-UX 11.X
HP OpenView Network Node Manager 6.2 HP-UX 10.X
HP OpenView Network Node Manager 6.2
HP OpenView Network Node Manager 6.1 Solaris
HP OpenView Network Node Manager 6.1 HP-UX 11.X
HP OpenView Network Node Manager 6.1 HP-UX 10.X
HP OpenView Network Node Manager 6.1
HP OpenView Network Node Manager 5.01 Solaris
HP OpenView Network Node Manager 5.01 HP-UX
HP OpenView Network Node Manager 5.01
HP OpenView Network Node Manager 4.11 Solaris
HP OpenView Network Node Manager 4.11 HP-UX
Microsoft Windows XP Professional
Microsoft Windows XP Home
Microsoft Windows NT 4.0SP6a
Microsoft Windows NT 4.0SP6
Microsoft Windows NT 4.0SP5
Microsoft Windows NT 4.0SP4
Microsoft Windows NT 4.0SP3
Microsoft Windows NT 4.0SP2
Microsoft Windows NT 4.0SP1
Microsoft Windows NT 4.0
Microsoft Windows ME
Microsoft Windows 98se
Microsoft Windows 98
Microsoft Windows 95
Microsoft Windows 2000SP2
Microsoft Windows 2000SP1
Microsoft Windows 2000
Nokia ISPO 3.4.1
Nokia ISPO 3.4
Nokia ISPO 3.3.1
Nokia ISPO 3.3
Nokia ISPO 3.1.3
Novell Netware 6.0
Novell Netware 5.1
Novell Netware 5.0
Novell Netware 4.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Solaris 2.6_x86
Sun Solaris 2.6
3Com Dual Speed Hub
3Com PS Hub 50
3Com PS Hub 40
3Com Switch 4900
3Com Switch 4400
3Com Switch 3300
3Com Switch 1100
3Com WebCache 3000
3Com WebCache 1000
AdventNet Agent Toolkit Java/JMX Edition
AdventNet Agent Toolkit - C Edition
AdventNet CLI API
AdventNet Configuration Management Toolkit
AdventNet Fault Management Toolkit
AdventNet Management Builder
AdventNet Mediation Server
AdventNet SNMP API
AdventNet SNMP Utilities
AdventNet Web NMS
AdventNet Web NMS MSP Edition
CacheFlow CacheOS 4.0
CacheFlow CacheOS 3.1
Computer Associates Unicenter
HP MC/ServiceGuard
HP OpenView Emanate SNMP Agent 14.2 Solaris 2.X
HP OpenView Emanate SNMP Agent 14.2 HP-UX 11.X
HP OpenView Emanate SNMP Agent 14.2 HP-UX 10.20
Innerdive Solutions Router IP Console 3.3.0.406
Innerdive Solutions Router IP Console 3.3.0.406
Juniper Networks JUNOS 5.0
Lantronix LRS
Lotus Domino SNMP Agents 5.0.1Solaris x86
Lotus Domino SNMP Agents 5.0.1Solaris SPARC
Lotus Domino SNMP Agents 5.0.1HP-UX
Process Software Multinet 4.4
Process Software TCPWare 5.5
RedBack Networks AOS
SNMP Research DR-Web Manager 15.3
SNMP Research Enterpol 15.3
SNMP Research Mid-Level Manager 15.3
Comtek Services NMServer 3.4
    - OpenVMS 7.3 Alpha
    - OpenVMS 7.3 VAX
    - OpenVMS 7.2-2
    - OpenVMS 7.2-2 Alpha
    - OpenVMS 7.2-1H1 Alpha
    - OpenVMS 7.2-1H1
    - OpenVMS 7.2 VAX
    - OpenVMS 7.2
    - OpenVMS 7.1-2
    - OpenVMS 7.1-2 Alpha
    - OpenVMS 6.2 Alpha
    - OpenVMS 6.2
    - OpenVMS 6.2 VAX
Net-SNMP ucd-snmp 4.1.1
    - Debian Linux 2.2
Net-SNMP ucd-snmp 4.2.1
    - RedHat Linux 7.2 ia64
    - RedHat Linux 7.2 x86
    - RedHat Linux 7.1 x86
    - RedHat Linux 7.1 alpha
    - RedHat Linux 7.1
    - RedHat Linux 7.1 ia64
    - RedHat Linux 7.0 alpha
    - RedHat Linux 7.0
    - RedHat Linux 7.0 x86
    - RedHat Linux 6.2
    - RedHat Linux 6.2 alpha
    - RedHat Linux 6.2 sparc
    - RedHat Linux 6.2 x86

Unaffected systems:
HP JetDirect x.21.00
HP JetDirect x.08.32
Nokia ISPO 3.4.2
Innerdive Solutions Router IP Console 3.3.0.407
Net-SNMP ucd-snmp 4.2.2

Description:


BUGTRAQ  ID: 4089
CVE(CAN) ID: CAN-2002-0013

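SNMP requests are messages that a management system sends to an agent system. They typically query the agent for its current performance and configuration information, request the next SNMP object in the Management Information Base (MIB), or modify the agent's configuration.

Multiple vulnerabilities have been found in many SNMP implementations. They occur in the decoding and interpretation of SNMP messages.

The c06-SNMPv1 test tool developed by the PROTOS group has uncovered a large number of security problems in the way many vendors' SNMP implementations handle SNMP requests. An attacker may be able to use GetRequest, GetNextRequest and SetRequest commands to crash a remote SNMP server, or even to execute arbitrary code with the privileges the SNMP server runs under. The degree of impact differs from one affected product to another.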

<*Source: Oulu University Secure Programming Group

  Links: http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.html
         ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4
         http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-014.php3
         https://www.redhat.com/support/errata/RHSA-2001-163.html
         ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:11.snmp.asc
         http://www.debian.org/security/2002/dsa-111
         http://www.microsoft.com/technet/security/bulletin/MS02-006.asp
         http://www.cert.org/advisories/CA-2002-03.html
         http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/215&type=0&nav=sec.sba
         http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml
*>
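
As an added illustration of the message decoding discussed in the description (not part of the advisory or of any vendor's code): a strict decoder for SNMPv1 request framing that rejects any length field or type tag inconsistent with its enclosing element before the message is interpreted. `MAX_COMMUNITY`, the function names and the sample datagram are assumptions made for this example.

```python
REQUEST_PDUS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA3: "SetRequest"}
MAX_COMMUNITY = 64  # assumption: local policy limit, not a value from the advisory

class MalformedSNMP(ValueError):
    """Raised when a datagram is not a well-formed SNMPv1 request."""

def read_tlv(buf, pos, end):
    """Decode one BER header; the value must fit inside the enclosing [pos, end)."""
    if pos + 2 > end:
        raise MalformedSNMP("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                        # short form: the byte is the length
        length = first
    else:                                   # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise MalformedSNMP("bad length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if length > end - pos:                  # declared length must not exceed the data
        raise MalformedSNMP("length runs past enclosing element")
    return tag, pos, pos + length

def read_int(buf, pos, end):
    tag, start, stop = read_tlv(buf, pos, end)
    if tag != 0x02 or not 1 <= stop - start <= 4:
        raise MalformedSNMP("expected 1-4 byte INTEGER")
    return int.from_bytes(buf[start:stop], "big", signed=True), stop

def parse_snmpv1_request(datagram):
    buf = bytes(datagram)
    tag, pos, end = read_tlv(buf, 0, len(buf))
    if tag != 0x30 or end != len(buf):
        raise MalformedSNMP("outer SEQUENCE must cover the whole datagram")
    version, pos = read_int(buf, pos, end)
    if version != 0:                        # SNMPv1 is encoded as version 0
        raise MalformedSNMP("not SNMPv1")
    tag, c_start, c_end = read_tlv(buf, pos, end)
    if tag != 0x04 or c_end - c_start > MAX_COMMUNITY:
        raise MalformedSNMP("bad community string")
    pdu_tag, pos, pdu_end = read_tlv(buf, c_end, end)
    if pdu_tag not in REQUEST_PDUS or pdu_end != end:
        raise MalformedSNMP("unexpected PDU")
    for _ in range(3):                      # request-id, error-status, error-index
        _, pos = read_int(buf, pos, pdu_end)
    tag, pos, vb_end = read_tlv(buf, pos, pdu_end)
    if tag != 0x30 or vb_end != pdu_end:
        raise MalformedSNMP("bad variable-bindings list")
    count = 0
    while pos < vb_end:                     # each VarBind: SEQUENCE { OID, value }
        tag, inner, stop = read_tlv(buf, pos, vb_end)
        o_tag, o_start, o_end = read_tlv(buf, inner, stop)
        _, _, v_end = read_tlv(buf, o_end, stop)
        if tag != 0x30 or o_tag != 0x06 or o_end == o_start or v_end != stop:
            raise MalformedSNMP("bad VarBind")
        count, pos = count + 1, stop
    return {"pdu": REQUEST_PDUS[pdu_tag], "community_len": c_end - c_start,
            "varbinds": count}

# Constructed sample: GetRequest for 1.3.6.1.2.1.1.1.0 with community "public".
GOOD = bytes.fromhex("302602010004067075626c6963a019020101020100020100"
                     "300e300c06082b060102010101000500")
```

Every nested element is checked against the bounds of its parent, so a datagram whose declared lengths disagree with the bytes actually received raises `MalformedSNMP` instead of reaching the request handler.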


--------------------------------------------------------------------------------
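Recommendations:

Workarounds:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* Temporarily disable the SNMP service. If you do not need the SNMP service, you should disable it immediately.

* Restrict access to the SNMP service ports of the protected network at the border router or firewall.

The ports that usually need to be restricted are: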
snmp     161/udp     # Simple Network Management Protocol (SNMP)
snmp     162/udp     # SNMP system management messages

In some affected products, the following services also need to be restricted:

snmp               161/tcp     # Simple Network Management Protocol (SNMP)
snmp               162/tcp     # SNMP system management messages
smux               199/tcp     # SNMP Unix Multiplexer
smux               199/udp     # SNMP Unix Multiplexer
synoptics-relay    391/tcp     # SynOptics SNMP Relay Port
synoptics-relay    391/udp     # SynOptics SNMP Relay Port
agentx             705/tcp     # AgentX
snmp-tcp-port     1993/tcp     # cisco SNMP TCP port
snmp-tcp-port     1993/udp     # cisco SNMP TCP port

In addition, some SNMP-related RPC services may also need to be restricted:
snmp               100122  na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk
snmpv2             100138  na.snmpv2     # SNM Version 2.2.2
snmpXdmid          100249

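* Block SNMP access from unauthorized internal hosts.
Since usually only a few management hosts need SNMP access, you can apply access control on the SNMP agent host to reject SNMP requests from unauthorized internal hosts.

* Change the default SNMP community strings.
Changing the default read-only and read-write community strings, such as "public" and "private", prevents some of the attacks. Some attacks, however, do not even require a valid community string.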
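
One way to verify that the restrictions above actually hold, as an added example that is not part of the advisory: it checks flow records against the advisory's port list and flags SNMP traffic from outside the protected network or from internal hosts that are not managers. The network range, the management host address, the record format and the sample records are assumptions constructed for this example.

```python
import ipaddress

# SNMP-related ports listed in the workaround section of the advisory.
CORE_PORTS = {(161, "udp"), (162, "udp")}
EXTRA_PORTS = {(161, "tcp"), (162, "tcp"), (199, "tcp"), (199, "udp"),
               (391, "tcp"), (391, "udp"), (705, "tcp"),
               (1993, "tcp"), (1993, "udp")}

# Assumptions for this example: the protected network and its management hosts.
PROTECTED_NET = ipaddress.ip_network("192.0.2.0/24")
MANAGEMENT_HOSTS = {ipaddress.ip_address("192.0.2.10")}


def classify(src, dst, proto, dport):
    """Return None if the flow is acceptable, else the reason to block it."""
    if (dport, proto) not in CORE_PORTS | EXTRA_PORTS:
        return None
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if dst_ip not in PROTECTED_NET:
        return None
    if src_ip not in PROTECTED_NET:
        return "external source reached SNMP port"
    if src_ip not in MANAGEMENT_HOSTS:
        return "internal host is not an authorized manager"
    return None


def audit(flow_lines):
    """Parse 'src dst proto dport' records and return the flows to block."""
    findings = []
    for line in flow_lines:
        fields = line.split()
        if len(fields) != 4 or not fields[3].isdigit():
            continue  # skip blank or malformed records
        src, dst, proto, dport = fields
        reason = classify(src, dst, proto.lower(), int(dport))
        if reason:
            findings.append((src, dst, f"{dport}/{proto.lower()}", reason))
    return findings


# Constructed flow records: "src dst proto dport".
SAMPLE = """\
192.0.2.10   192.0.2.50 udp 161
192.0.2.77   192.0.2.50 udp 161
198.51.100.9 192.0.2.50 udp 161
198.51.100.9 192.0.2.50 tcp 705
192.0.2.77   192.0.2.50 tcp 443
""".splitlines()
```

Any record returned by `audit(SAMPLE)` is traffic that the border filter or the agent's access control should have dropped.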

Vendor patches:

3Com
----
The vendor has released upgrade patches that fix this security issue. Download them from the vendor's site:

3com PS Hub 40 :

3com Upgrade psh02_16.exe
ftp://ftp.3com.com/pub/superstack-ii/superstack-ii-ps-hub-40/psh02_16.exe

3com PS Hub 50 :

3com Upgrade psf02_16.exe
ftp://ftp.3com.com/pub/superstack-ii/superstack-ii-ps-hub-50/psf02_16.exe

3com Dual Speed Hub :

3com Upgrade dsh02_16.exe
ftp://ftp.3com.com/pub/superstack-ii/superstack-ii-hub-500/dsh02_16.exe

3com Switch 1100 :

3com Upgrade s2s02_68.exe
ftp://ftp.3com.com/pub/superstack-ii/superstack-ii-1100/s2s02_68.exe

3com Switch 4400 :

3com Upgrade s3m02_02.exe
ftp://ftp.3com.com/pub/superstack_3/switch_4400/s3m02_02.exe

3com Switch 4900 :

3com Upgrade s3g02_04.exe
http://www.3com.com/en_US/layer3/register.html

3com Switch 3300 :

3com Upgrade s2s02_68.exe
ftp://ftp.3com.com/pub/superstack-ii/superstack-ii-1100/s2s02_68.exe

3com WebCache 1000 :

3com Upgrade s3b_02_00.bin
ftp://ftp.3com.com/pub/webcache/agents/s3b_02_00.bin

3com WebCache 3000 :

3com Upgrade s3b_02_00.bin
ftp://ftp.3com.com/pub/webcache/agents/s3b_02_00.bin

Caldera
-------
Caldera has released a security advisory (CSSA-2002-SCO.4) and corresponding patches for this issue:
CSSA-2002-SCO.4: Open UNIX, UnixWare 7: snmpd memory fault
Link: ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4

Patch downloads:

Caldera UnixWare 7:
Caldera OpenServer 5.0:
Caldera UnixWare 7.1.0:

Caldera Patch erg711937c.Z
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/erg711937c.Z

Caldera UnixWare 7.1.1:

Caldera Patch erg711937b.Z
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/erg711937b.Z

Caldera OpenUnix 8.0:

Caldera Patch erg711937.Z
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/erg711937.Z

Cisco
-----
Cisco has released a security advisory (Cisco-malformed-snmp-msgs-pub) and corresponding patches for this issue:
Cisco-malformed-snmp-msgs-pub: Malformed SNMP Message-Handling Vulnerabilities
Link: http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml

Debian
------
Debian has released a security advisory (DSA-111-1) and corresponding patches for this issue:
DSA-111-1: Multiple SNMP vulnerabilities
Link: http://www.debian.org/security/2002/dsa-111

Patch downloads:

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1-dev_4.1.1-2.1_alpha.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1_4.1.1-2.1_alpha.deb

Debian Upgrade snmp_4.1.1-2.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/snmp_4.1.1-2.1_alpha.deb

Debian Upgrade snmpd_4.1.1-2.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/snmpd_4.1.1-2.1_alpha.deb

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1-dev_4.1.1-2.1_arm.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1_4.1.1-2.1_arm.deb

Debian Upgrade snmp_4.1.1-2.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/snmp_4.1.1-2.1_arm.deb

Debian Upgrade snmpd_4.1.1-2.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/snmpd_4.1.1-2.1_arm.deb

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1-dev_4.1.1-2.1_i386.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1_4.1.1-2.1_i386.deb

Debian Upgrade snmp_4.1.1-2.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/snmp_4.1.1-2.1_i386.deb

Debian Upgrade snmpd_4.1.1-2.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/snmpd_4.1.1-2.1_i386.deb

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1-dev_4.1.1-2.1_m68k.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1_4.1.1-2.1_m68k.deb

Debian Upgrade snmp_4.1.1-2.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/snmp_4.1.1-2.1_m68k.deb

Debian Upgrade snmpd_4.1.1-2.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/snmpd_4.1.1-2.1_m68k.deb

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libsnmp4.1-dev_4.1.1-2.1_powerpc.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libsnmp4.1_4.1.1-2.1_powerpc.deb

Debian Upgrade snmp_4.1.1-2.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/snmp_4.1.1-2.1_powerpc.deb

Debian Upgrade snmpd_4.1.1-2.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/snmpd_4.1.1-2.1_powerpc.deb

Debian Upgrade libsnmp4.1-dev_4.1.1-2.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1-dev_4.1.1-2.1_sparc.deb

Debian Upgrade libsnmp4.1_4.1.1-2.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1_4.1.1-2.1_sparc.deb

Debian Upgrade snmp_4.1.1-2.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/snmp_4.1.1-2.1_sparc.deb

Debian Upgrade snmpd_4.1.1-2.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/snmpd_4.1.1-2.1_sparc.deb

FreeBSD
-------
FreeBSD has released a security advisory (FreeBSD-SA-02:11) and corresponding patches for this issue:
FreeBSD-SA-02:11: ucd-snmp/net-snmp remotely exploitable vulnerabilities
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:11.snmp.asc

Patch downloads:

FreeBSD Upgrade ucd-snmp-4.2.3.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/ucd-snmp-4.2.3.tgz
Fixed package from the ports collection for FreeBSD 4-STABLE.

HP
--
HP has released a security advisory (HPSBUX0202-184) and corresponding patches for this issue:
HPSBUX0202-184: Sec. Vulnerability in SNMP (rev. 1)
Link:

Patch downloads:

HP JetDirect x.20.00:

HP Upgrade X.21.00

JetDirect firmware version X.21.00 is not vulnerable. JetDirect Product Numbers that can be freely upgraded to X.08.32 or X.21.00 or higher firmware:

EIO (Peripherals Laserjet 4000, 5000, 8000, ...)
    - J3110A 10T
    - J3111A 10T/10B2/LocalTalk
    - J3112A Token Ring (discontinued)
    - J3113A 10/100 (discontinued)
    - J4169A 10/100
    - J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
    - J2550A/B 10T (discontinued)
    - J2552A/B 10T/10Base2/LocalTalk (discontinued)
    - J2555A/B Token Ring (discontinued)
    - J4100A 10/100
    - J4105A Token Ring
    - J4106A 10T
External Print Servers
    - J2591A EX+ (discontinued)
    - J2593A EX+3 10T/10B2 (discontinued)
    - J2594A EX+3 Token Ring (discontinued)
    - J3263A 300X 10/100
    - J3264A 500X Token Ring
    - J3265A 500X 10/100

HP JetDirect x.08.00:

HP Upgrade X.08.32

JetDirect firmware version X.08.32 is not vulnerable. JetDirect Product Numbers that can be freely upgraded to X.08.32 or X.21.00 or higher firmware:

EIO (Peripherals Laserjet 4000, 5000, 8000, ...)
    - J3110A 10T
    - J3111A 10T/10B2/LocalTalk
    - J3112A Token Ring (discontinued)
    - J3113A 10/100 (discontinued)
    - J4169A 10/100
    - J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
    - J2550A/B 10T (discontinued)
    - J2552A/B 10T/10Base2/LocalTalk (discontinued)
    - J2555A/B Token Ring (discontinued)
    - J4100A 10/100
    - J4105A Token Ring
    - J4106A 10T
External Print Servers
    - J2591A EX+ (discontinued)
    - J2593A EX+3 10T/10B2 (discontinued)
    - J2594A EX+3 Token Ring (discontinued)
    - J3263A 300X 10/100
    - J3264A 500X Token Ring
    - J3265A 500X 10/100

HP EMS A.03.20:
HP EMS A.03.10:
HP EMS A.03.00:
HP Procurve Switch 2524 :

HP Upgrade F.04.08
http://www.hp.com/rnd/software/switches.htm
Fixed version of firmware for HP Procurve Switch 2524 (J4813A) and Procurve Switch 2512 (J4812A).

HP Procurve Switch 2525 :
HP MC/ServiceGuard :
HP Procurve Switch 2512 :

HP Upgrade F.04.08
http://www.hp.com/rnd/software/switches.htm
Fixed version of firmware for HP Procurve Switch 2524 (J4813A) and Procurve Switch 2512 (J4812A).

HP Procurve Switch 4108GL :

HP Upgrade G.04.05
http://www.hp.com/rnd/software/switches.htm
Fixed version of firmware for HP Procurve Switch 4108GL (J4865A) and Procurve Switch 4108GL-bundle (J4861A).

HP Procurve Switch 4108GL-bundle :

HP Upgrade G.04.05
http://www.hp.com/rnd/software/switches.htm
Fixed version of firmware for HP Procurve Switch 4108GL (J4865A) and Procurve Switch 4108GL-bundle (J4861A).

HP MPE/iX 4.0:
HP OpenView Network Node Manager 4.11 Solaris:
HP OpenView Network Node Manager 4.11 HP-UX:
HP MPE/iX 4.5:
HP OpenView Network Node Manager 5.01 Solaris:
HP OpenView Network Node Manager 5.01 HP-UX:
HP OpenView Network Node Manager 5.01:
HP MPE/iX 5.0:
HP MPE/iX 5.5:
HP MPE/iX 6.0:
HP OpenView Network Node Manager 6.1 Solaris:
HP OpenView Network Node Manager 6.1 HP-UX 11.X:
HP OpenView Network Node Manager 6.1 HP-UX 10.X:
HP OpenView Network Node Manager 6.1:
HP OpenView Network Node Manager 6.2 Solaris:

HP Patch PSOV_03100
http://support.openview.hp.com/cpe/patches/nnm/6.2/s700_800_11.X.jsp

HP OpenView Network Node Manager 6.2 NT 4.X/Windows 2000:

HP Patch NNM_00857
http://support.openview.hp.com/cpe/patches/nnm/6.2/s700_800_11.X.jsp

HP OpenView Network Node Manager 6.2 HP-UX 11.X:

HP Patch PHSS_26287
http://support.openview.hp.com/cpe/patches/nnm/6.2/s700_800_11.X.jsp

HP OpenView Network Node Manager 6.2 HP-UX 10.X:

HP Patch PHSS_26286
http://support.openview.hp.com/cpe/patches/nnm/6.2/s700_800_11.X.jsp

HP OpenView Network Node Manager 6.2:
HP MPE/iX 6.5:
HP HP-UX 10.0:
HP HP-UX 10.10:
HP HP-UX 10.20:
HP HP-UX (VVOS) 10.24:
HP HP-UX (VVOS) 11.04:
HP HP-UX 11.0:
HP HP-UX 11.11:
HP HP-UX 11.20:
HP OpenView Emanate SNMP Agent 14.2 Solaris 2.X:

HP Patch PSOV_03087


HP OpenView Emanate SNMP Agent 14.2 HP-UX 11.X:

HP Patch PHSS_26138


HP OpenView Emanate SNMP Agent 14.2 HP-UX 10.20:

HP Patch PHSS_26137

Lotus
-----
The vendor has released upgrade patches that fix this security issue. Download them from the vendor's site:

Lotus Domino SNMP Agents 5.0.1Solaris x86:

Lotus Patch SNMP Agent 5.0.1a Solaris x86
http://www-1.ibm.com/support/manager.wss?rt=4&org=sims&doc=A0199DEE50F6BEB085256B490083292E&aid=3

Lotus Domino SNMP Agents 5.0.1Solaris SPARC:

Lotus Patch SNMP Agent 5.0.1a Solaris SPARC
http://www-1.ibm.com/support/manager.wss?rt=4&org=sims&doc=ABCB071F81A83A5E85256B490082FAA4&aid=3

Lotus Domino SNMP Agents 5.0.1HP-UX:

Lotus Patch SNMP Agent 5.0.1a HP-UX
http://www-1.ibm.com/support/manager.wss?rt=4&org=sims&doc=202C7FF4693DB56585256B490080C619&aid=3

MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2002:014) and corresponding patches for this issue:
MDKSA-2002:014: ucd-snmp
Link: http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-014.php3

Microsoft
---------
Microsoft has released a security advisory (MS02-006) and corresponding patches for this issue:
MS02-006: Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
Link: http://www.microsoft.com/technet/security/bulletin/MS02-006.asp

Patch downloads:

Windows 2000:
http://www.microsoft.com/downloads/release.asp?ReleaseID=36142
Windows XP:
http://www.microsoft.com/downloads/release.asp?ReleaseID=36262

RedHat
------
RedHat has released a security advisory (RHSA-2001:163-20) and corresponding patches for this issue:
RHSA-2001:163-20: Updated ucd-snmp packages available
Link: https://www.redhat.com/support/errata/RHSA-2001-163.html

Patch downloads:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/ucd-snmp-4.2.3-1.6.x.3.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-4.2.3-1.6.x.3.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-utils-4.2.3-1.6.x.3.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-devel-4.2.3-1.6.x.3.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-4.2.3-1.6.x.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-devel-4.2.3-1.6.x.3.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-4.2.3-1.6.x.3.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-utils-4.2.3-1.6.x.3.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-devel-4.2.3-1.6.x.3.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/ucd-snmp-4.2.3-1.7.0.3.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-4.2.3-1.7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-utils-4.2.3-1.7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-devel-4.2.3-1.7.0.3.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-4.2.3-1.7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-utils-4.2.3-1.7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-devel-4.2.3-1.7.0.3.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/ucd-snmp-4.2.3-1.7.1.3.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-4.2.3-1.7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-utils-4.2.3-1.7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-devel-4.2.3-1.7.1.3.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-4.2.3-1.7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-utils-4.2.3-1.7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-devel-4.2.3-1.7.1.3.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-4.2.3-1.7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-utils-4.2.3-1.7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-devel-4.2.3-1.7.1.3.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/ucd-snmp-4.2.3-1.7.2.3.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/ethereal-0.8.18-10.7.2.1.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-utils-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-devel-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-0.8.18-10.7.2.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-gnome-0.8.18-10.7.2.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-utils-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-devel-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-0.8.18-10.7.2.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-gnome-0.8.18-10.7.2.1.ia64.rpm

Sun
---
Sun has released a security advisory (Sun-00215) and corresponding patches for this issue:
Sun-00215: snmpdx
Link: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/215&type=0&nav=sec.sba

Patch downloads:

    OS Version               Patch ID
    __________               _________
    SunOS 5.8                108869-15
    SunOS 5.8_x86            108870-15
    SunOS 5.7                107709-18
    SunOS 5.7_x86            107710-18
    SunOS 5.6                106787-17
    SunOS 5.6_x86            106872-17

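You can download the corresponding patch with a link of the following form:
http://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=<patch ID>&method=h

For example, for patch 111596-02, you can use the following link:
http://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=111596&method=h

Patch installation:

1. First unpack the patch archive with the unzip or uncompress command.
2. Then install the patch with the patchadd command, for example:

   # patchadd /var/spool/patch/104945-02

   This assumes that the patch to install is 104945-02 and that the unpacked directory is "/var/spool/patch/104945-02".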

SNMP Research
-------------
The vendor has released upgrade patches that fix this security issue. Download them from the vendor's site:

http://www.snmp.com/

