首页 -> 安全研究
安全研究
绿盟月刊
绿盟安全月刊->第29期->最新漏洞
日期:2002-03-18
更新日期: 2002-3-4
受影响的系统:
Cisco IOS 12.2T
Cisco IOS 12.2
Cisco IOS 12.1T
Cisco IOS 12.1E
Cisco IOS 12.1
Cisco IOS 12.0T
Cisco IOS 12.0ST
Cisco IOS 12.0
Cisco IOS 11.1CC
描述:
BUGTRAQ ID: 4191
IOS(Internet Operating System)是广泛用于Cisco路由器的操作系统,由Cisco公司开发和维护。
某些版本的IOS在Cisco Express Forwarding(CEF)实现上存在漏洞,可能导致转发数据包信息泄露。
当Cisco路由器处于Cisco Express Forwarding(CEF)模式时,如果路由器收到的数据包其IP头里指明的长度大于包的物理长度时,这样的包会被扩展长度到到IP包头指定的值,当扩展之时,用于扩展的数据来自内存中存储的之前转发过的数据,从而导致了信息的泄露。
攻击者无法指定所要获取的信息内容,这减少了获取敏感信息的可能性。
<*来源:Cisco Security Advisory
链接:http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
*>
--------------------------------------------------------------------------------
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 在漏洞修补之前,在路由器上禁止使用Cisco Express Forwarding模式。
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(Cisco-IOS-CEF-pub)以及相应补丁:
Cisco-IOS-CEF-pub:Data Leak with Cisco Express Forwarding Enabled
链接:http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
下面是受影响版本的补丁状态表:
+------------------------------------------------------------------------+
| Train | Description of Image | Availability of Fixed Releases* |
| | or Platform | |
|--------------------------------+---------------------------------------|
| 11.1-based Releases | Rebuild | Interim** | Maintenance |
|--------------------------------+----------+--------------+-------------|
| 11.1CC | ED release for 7000 | 11.1(36) | | |
| | series | CC3 | | |
|--------------------------------+----------+--------------+-------------|
| 12.0-based Releases | Rebuild | Interim** | Maintenance |
|--------------------------------+----------+--------------+-------------|
| 12.0 | GD release for all | | 12.0(20.4) | |
| | platforms | | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.0S | ED release for all | 12.0(17) | 12.0(18.3)S | 12.0(19)S |
| | platforms | ST4 | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.0ST | ED release for all | | 12.0(18.3)ST | 12.0(19)ST |
| | platforms | | | |
|--------+-----------------------+---------------------------------------|
| 12.0T | ED release for all | To be decided |
| | platforms | |
|--------+-----------------------+---------------------------------------|
| 12.0W5 | ED release for all | | 12.0(20.4)W5 | |
| | platforms | | (24.7) | |
|--------------------------------+----------+--------------+-------------|
| 12.1-based Releases | Rebuild | Interim** | Maintenance |
|--------------------------------+----------+--------------+-------------|
| 12.1 | LD release for all | | 12.1(9.2) | 12.1(10) |
| | platforms | | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.1E | ED release for all | 12.1 | 12.1(9.5)E | 12.1(8a)E |
| | platforms | (8.5)E2 | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.1EC | ED release for all | 12.1 | 12.1(9.5)EC | |
| | platforms | (7.5)EC1 | | |
|--------+-----------------------+---------------------------------------|
| 12.1T | ED release for all | To be decided |
| | platforms | |
|--------+-----------------------+---------------------------------------|
| 12.1XM | ED release for all | 12.1(5) | | |
| | platforms | XM6 | | |
|--------------------------------+----------+--------------+-------------|
| 12.2-based Releases | Rebuild | Interim** | Maintenance |
|--------------------------------+----------+--------------+-------------|
| 12.2 | LD release for all | | 12.2(2.5) | 12.2(3) |
| | platforms | | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.2S | LD release for all | | 12.2(3.3)S | |
| | platforms | | | |
|--------+-----------------------+----------+--------------+-------------|
| 12.2T | ED release for all | | 12.2(2.4)T | 12.2(4)T |
| | platforms | | | |
+------------------------------------------------------------------------+
索取已修复的软件
================
Cisco为所有受影响用户免费提供用于消除这一漏洞的软件升级。
签约用户可从正常更新渠道获取升级软件。对大多数用户来说,可通过Cisco
网站软件中心获取升级软件:http://www.cisco.com。
事先或目前与第三方支持组织,如Cisco合作伙伴、授权零售商或服务商之间已
有协议,由第三方组织提供Cisco产品或技术支持的用户可免费获得升级支持。
直接从Cisco购买产品但没有Cisco服务合同的用户和由第三方厂商购买产品但无法
从销售方获得已修复软件的用户可从Cisco技术支持中心(TAC)获取升级软件。TAC
联系方法:
* +1 800 553 2447 (北美地区免话费)
* +1 408 526 7209 (全球收费)
* e-mail: tac@cisco.com
版权所有,未经许可,不得转载