Squid MSNT Auth Helper Remote Buffer Overflow Vulnerability
Published: 2002-07-03
Updated: 2002-07-08
Affected systems:
National Science Foundation Squid Web Proxy 2.4STABLE6
Unaffected systems:
National Science Foundation Squid Web Proxy 2.4STABLE4
National Science Foundation Squid Web Proxy 2.4STABLE3
National Science Foundation Squid Web Proxy 2.4STABLE2
National Science Foundation Squid Web Proxy 2.4STABLE1
National Science Foundation Squid Web Proxy 2.4PRE-STABLE2
National Science Foundation Squid Web Proxy 2.4PRE-STABLE
National Science Foundation Squid Web Proxy 2.4DEVEL4
National Science Foundation Squid Web Proxy 2.4DEVEL2
National Science Foundation Squid Web Proxy 2.4
National Science Foundation Squid Web Proxy 2.4
National Science Foundation Squid Web Proxy 2.3STABLE5
National Science Foundation Squid Web Proxy 2.3STABLE4
National Science Foundation Squid Web Proxy 2.3STABLE3
National Science Foundation Squid Web Proxy 2.3STABLE2
National Science Foundation Squid Web Proxy 2.3.1
National Science Foundation Squid Web Proxy 2.3
National Science Foundation Squid Web Proxy 2.2STABLE5
National Science Foundation Squid Web Proxy 2.2
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 2.0
- Linux systems
- Unix systems
National Science Foundation Squid Web Proxy 2.4STABLE7
Description:
BUGTRAQ ID: 5155
CVE(CAN) ID: CVE-2002-0713
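Squid is a free, open-source web proxy that runs on Unix, Linux and Microsoft Windows.
The Squid MSNT auth helper component contains a vulnerability that a remote attacker can use to carry out a buffer overflow attack.
When Squid uses msnt_auth configured with access control files that deny or allow users, the MSNT auth helper is vulnerable to a buffer overflow, and a remote attacker may be able to execute arbitrary commands on the system with the privileges of the Squid process.
<*Source: Henrik Nordstrom (hno@squid-cache.org)
Links: http://archives.neohapsis.com/archives/bugtraq/2002-07/0036.html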
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506
https://www.redhat.com/support/errata/RHSA-2002-051.html
*>
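The exposure condition described above (an affected release, with msnt_auth in use and allow/deny user files configured) can be checked from configuration text. The following is an added example, not code from the advisory or from the Squid project; the `authenticate_program` directive, the `allowusers`/`denyusers` lines in msntauth.conf, and all file paths are assumptions about a Squid 2.4 deployment.

```shell
#!/bin/sh
# Added example: exposure triage for CVE-2002-0713 from configuration text.
# Assumptions (not stated in the advisory): Squid 2.4 starts the helper via
# the "authenticate_program" directive, and msntauth.conf points at the
# access control files with "allowusers" / "denyusers" lines.

# uses_msnt_auth SQUID_CONF: true if an uncommented line runs msnt_auth.
uses_msnt_auth() {
    grep -Eq '^[[:space:]]*authenticate_program[[:space:]]+[^#]*msnt_auth' "$1"
}

# has_user_files MSNTAUTH_CONF: true if allow/deny user files are configured.
has_user_files() {
    grep -Eiq '^[[:space:]]*(allowusers|denyusers)[[:space:]]+[^[:space:]#]' "$1"
}

# assess VERSION SQUID_CONF MSNTAUTH_CONF: prints a one-word verdict.
# VERSION is the release string, e.g. as reported by `squid -v`.
assess() {
    if ! uses_msnt_auth "$2"; then
        echo "helper-not-used"; return 0
    fi
    if ! has_user_files "$3"; then
        echo "helper-without-user-files"; return 0
    fi
    case $1 in
        2.4.STABLE6|2.4STABLE6) echo "exposed-upgrade" ;;  # listed as affected
        2.4.STABLE7|2.4STABLE7) echo "fixed" ;;            # vendor upgrade
        *) echo "check-advisory" ;;                        # consult the lists
    esac
}

# Constructed sample input (hypothetical paths), written to a scratch dir.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'http_port 3128' \
        'authenticate_program /usr/lib/squid/msnt_auth' > "$dir/squid.conf"
    printf '%s\n' 'server PDC BDC DOMAIN' \
        'denyusers /etc/squid/msntauth.denyusers' > "$dir/msntauth.conf"
    assess 2.4.STABLE6 "$dir/squid.conf" "$dir/msntauth.conf"
    rm -rf "$dir"
}

demo
```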
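Recommendations:
Temporary workaround:
If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the threat:
* No suitable temporary workaround is available at this time.
Vendor patches: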
Conectiva
---------
Conectiva has released a security advisory (CLA-2002:506) and corresponding patches for this issue:
CLA-2002:506:squid
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506
Patch downloads:
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/squid-2.4.7-1U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/squid-2.4.7-1U60_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-auth-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-doc-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-templates-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/squid-2.4.7-1U70_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-auth-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-doc-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-templates-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/squid-2.4.7-1U8_3cl.src.rpm
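Users of Conectiva Linux version 6.0 and later can update the RPM packages with apt:
- Add the following line to the /etc/apt/sources.list file:
rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates
(If you are not running version 6.0, replace the 6.0 above with the appropriate version number.)
- Run: apt-get update
- After the update completes, run: apt-get upgrade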
National Science Foundation
---------------------------
The vendor has released an upgrade that fixes this security issue; download it from the vendor's site:
National Science Foundation Upgrade squid-2.4.STABLE7-src.tar.gz
ftp://ftp.squid-cache.org/pub/squid-2/STABLE/squid-2.4.STABLE7-src.tar.gz
RedHat
------
RedHat has released a security advisory (RHSA-2002:051-16) and corresponding patches for this issue:
RHSA-2002:051-16:New Squid packages available
Link: https://www.redhat.com/support/errata/RHSA-2002-051.html
Patch downloads:
Red Hat Linux 6.2:
SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/squid-2.4.STABLE6-6.6.2.src.rpm
alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/squid-2.4.STABLE6-6.6.2.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/en/os/i386/squid-2.4.STABLE6-6.6.2.i386.rpm
sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/squid-2.4.STABLE6-6.6.2.sparc.rpm
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/squid-2.4.STABLE6-6.7.0.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/squid-2.4.STABLE6-6.7.0.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/squid-2.4.STABLE6-6.7.0.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/squid-2.4.STABLE6-6.7.1.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/squid-2.4.STABLE6-6.7.1.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/squid-2.4.STABLE6-6.7.1.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/squid-2.4.STABLE6-6.7.1.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/squid-2.4.STABLE6-6.7.3.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/squid-2.4.STABLE6-6.7.3.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/squid-2.4.STABLE6-6.7.3.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/squid-2.4.STABLE6-6.7.3.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/squid-2.4.STABLE6-6.7.3.i386.rpm
The patches can be installed with the following command:
rpm -Fvh [filename]