首页 -> 安全研究

安全研究

安全漏洞
Libsafe格式化串攻击防护可绕过漏洞

发布日期:2002-03-20
更新日期:2002-03-28

受影响系统:
Avaya Labs Libsafe 2.0-10
    - Debian Linux 2.2 sparc
    - Debian Linux 2.2 68k
    - Debian Linux 2.2 IA-32
    - Debian Linux 2.2 alpha
    - Debian Linux 2.2 powerpc
    - Debian Linux 2.2 arm
    - Mandrake Linux 8.1
    - Mandrake Linux 8.0
    - RedHat Linux 7.2 x86
    - RedHat Linux 7.2 alpha
    - RedHat Linux 7.2 ia64
    - RedHat Linux 7.1 x86
    - RedHat Linux 7.1 alpha
    - RedHat Linux 7.1
    - RedHat Linux 7.1 ia64
    - RedHat Linux 7.0 x86
    - RedHat Linux 7.0 alpha
    - RedHat Linux 7.0
    - RedHat Linux 7.0 sparc
    - RedHat Linux 6.2 sparc
    - RedHat Linux 6.2
    - RedHat Linux 6.2 x86
    - RedHat Linux 6.2 alpha
    - RedHat Linux 6.1 sparc
    - RedHat Linux 6.1
    - RedHat Linux 6.1 x86
    - RedHat Linux 6.1 alpha
    - RedHat Linux 6.0
    - RedHat Linux 6.0 alpha
    - RedHat Linux 6.0 sparc
    - RedHat Linux 6.0 x86
    - RedHat Linux 5.2 x86
    - RedHat Linux 5.2 alpha
    - RedHat Linux 5.2
    - RedHat Linux 5.2 sparc
    - Slackware Linux 8.0
    - Slackware Linux 7.1
    - Slackware Linux 7.0
Avaya Labs Libsafe 2.0-11
    - Debian Linux 2.2 IA-32
    - Debian Linux 2.2 alpha
    - Debian Linux 2.2 powerpc
    - Debian Linux 2.2 arm
    - Debian Linux 2.2 sparc
    - Debian Linux 2.2 68k
    - Mandrake Linux 8.1
    - Mandrake Linux 8.0
    - RedHat Linux 7.2 alpha
    - RedHat Linux 7.2 ia64
    - RedHat Linux 7.2 x86
    - RedHat Linux 7.1 x86
    - RedHat Linux 7.1 alpha
    - RedHat Linux 7.1
    - RedHat Linux 7.1 ia64
    - RedHat Linux 7.0 x86
    - RedHat Linux 7.0 alpha
    - RedHat Linux 7.0
    - RedHat Linux 7.0 sparc
    - RedHat Linux 6.2 sparc
    - RedHat Linux 6.2
    - RedHat Linux 6.2 x86
    - RedHat Linux 6.2 alpha
    - RedHat Linux 6.1 sparc
    - RedHat Linux 6.1
    - RedHat Linux 6.1 x86
    - RedHat Linux 6.1 alpha
    - RedHat Linux 6.0 sparc
    - RedHat Linux 6.0 x86
    - RedHat Linux 6.0
    - RedHat Linux 6.0 alpha
    - RedHat Linux 5.2 alpha
    - RedHat Linux 5.2
    - RedHat Linux 5.2 sparc
    - RedHat Linux 5.2 x86
    - Slackware Linux 8.0
    - Slackware Linux 7.1
    - Slackware Linux 7.0
Avaya Labs Libsafe 2.0-9
    - Debian Linux 2.2 arm
    - Debian Linux 2.2 sparc
    - Debian Linux 2.2 68k
    - Debian Linux 2.2 IA-32
    - Debian Linux 2.2 alpha
    - Debian Linux 2.2 powerpc
    - Mandrake Linux 8.1
    - Mandrake Linux 8.0
    - RedHat Linux 7.2 x86
    - RedHat Linux 7.2 alpha
    - RedHat Linux 7.2 ia64
    - RedHat Linux 7.1 x86
    - RedHat Linux 7.1 alpha
    - RedHat Linux 7.1
    - RedHat Linux 7.1 ia64
    - RedHat Linux 7.0
    - RedHat Linux 7.0 sparc
    - RedHat Linux 7.0 x86
    - RedHat Linux 7.0 alpha
    - RedHat Linux 6.2 sparc
    - RedHat Linux 6.2
    - RedHat Linux 6.2 x86
    - RedHat Linux 6.2 alpha
    - RedHat Linux 6.1 alpha
    - RedHat Linux 6.1 sparc
    - RedHat Linux 6.1
    - RedHat Linux 6.1 x86
    - RedHat Linux 6.0 x86
    - RedHat Linux 6.0
    - RedHat Linux 6.0 alpha
    - RedHat Linux 6.0 sparc
    - RedHat Linux 5.2 x86
    - RedHat Linux 5.2 alpha
    - RedHat Linux 5.2
    - RedHat Linux 5.2 sparc
    - Slackware Linux 8.0
    - Slackware Linux 7.1
    - Slackware Linux 7.0
不受影响系统:
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 arm
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 sparc
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 68k
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 IA-32
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 alpha
Avaya Labs Libsafe 2.0-12
    - Debian Linux 2.2 powerpc
Avaya Labs Libsafe 2.0-12
    - Mandrake Linux 8.1
Avaya Labs Libsafe 2.0-12
    - Mandrake Linux 8.0
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.2 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.2 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.2 ia64
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.1 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.1 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.1
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.1 ia64
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.0
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.0 sparc
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.0 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 7.0 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.2 sparc
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.2
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.2 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.2 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.1 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.1 sparc
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.1
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.1 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.0 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.0
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.0 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 6.0 sparc
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 5.2 x86
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 5.2 alpha
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 5.2
Avaya Labs Libsafe 2.0-12
    - RedHat Linux 5.2 sparc
Avaya Labs Libsafe 2.0-12
    - Slackware Linux 8.0
Avaya Labs Libsafe 2.0-12
    - Slackware Linux 7.1
Avaya Labs Libsafe 2.0-12
    - Slackware Linux 7.0
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.3 i386
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.3 powerpc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.3 sparc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.2 i386
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.2
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.1 i386
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.1
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.1 powerpc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.1 alpha
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.1 sparc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.0 powerpc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.0 alpha
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.0 sparc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.0 i386
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 7.0
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 6.4
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 6.4 i386
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 6.4 powerpc
Avaya Labs Libsafe 2.0-12
    - SuSE Linux 6.4 alpha
描述:
BUGTRAQ  ID: 4326
CVE(CAN) ID: CVE-2002-0175

Libsafe是免费开放源代码设计用于防护缓冲溢出和格式化串攻击的程序,由Avaya Labs开发维护,运行在Linux系统下。

Libsafe对部分C库格式标识不能处理,可导致格式化串攻击可绕过。

Libsafe对某些格式标识类型缺少实现,C库中的格式标识"%'n" 和 "%In"在Libsafe上不能正确处理,因此攻击者可以通过这些格式标识对格式化串漏洞进行攻击而绕过Libsafe的检查。

<*来源:Wojciech Purczynski (cliph@isec.pl
  
  链接:http://archives.neohapsis.com/archives/bugtraq/2002-03/0239.html
*>

建议:
临时解决方法:

如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:

暂时没有合适的临时解决方法。

厂商补丁:

Avaya Labs
----------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

Avaya Labs Libsafe 2.0-9:

Avaya Labs Upgrade libsafe-2.0-12.tgz
http://www.research.avayalabs.com/project/libsafe/src/libsafe-2.0-12.tgz

Avaya Labs Libsafe 2.0-11:

Avaya Labs Upgrade libsafe-2.0-12.tgz
http://www.research.avayalabs.com/project/libsafe/src/libsafe-2.0-12.tgz

Avaya Labs Libsafe 2.0-10:

Avaya Labs Upgrade libsafe-2.0-12.tgz
http://www.research.avayalabs.com/project/libsafe/src/libsafe-2.0-12.tgz

浏览次数:3017
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障