Squid FTP Directory Parsing Remote Buffer Overflow Vulnerability

Published: 2002-07-03
Updated: 2002-07-08

Affected systems:

National Science Foundation Squid Web Proxy 2.4STABLE6
National Science Foundation Squid Web Proxy 2.4STABLE4
National Science Foundation Squid Web Proxy 2.4STABLE3
National Science Foundation Squid Web Proxy 2.4STABLE2
National Science Foundation Squid Web Proxy 2.4STABLE1
National Science Foundation Squid Web Proxy 2.4PRE-STABLE2
National Science Foundation Squid Web Proxy 2.4PRE-STABLE
National Science Foundation Squid Web Proxy 2.4DEVEL4
National Science Foundation Squid Web Proxy 2.4DEVEL2
National Science Foundation Squid Web Proxy 2.4
National Science Foundation Squid Web Proxy 2.3STABLE5
National Science Foundation Squid Web Proxy 2.3STABLE4
National Science Foundation Squid Web Proxy 2.3STABLE3
National Science Foundation Squid Web Proxy 2.3STABLE2
National Science Foundation Squid Web Proxy 2.3.1
National Science Foundation Squid Web Proxy 2.3
National Science Foundation Squid Web Proxy 2.2STABLE5
National Science Foundation Squid Web Proxy 2.2
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 2.0
    - Linux systems
    - Unix systems
Unaffected systems:

National Science Foundation Squid Web Proxy 2.4STABLE7
Description:

BUGTRAQ ID: 5156

Squid is a free, open-source web proxy that runs on Unix, Linux and Microsoft Windows.

Squid's FTP proxy contains multiple vulnerabilities in the code that parses FTP directory listings, and a remote attacker can use them to trigger buffer overflows.

Because the overflows occur while Squid handles a proxied request for an FTP directory listing, a remote attacker may be able to execute arbitrary code on the system with the privileges of the Squid process.

<*Source: Henrik Nordstrom (hno@squid-cache.org)
  
  Links: http://archives.neohapsis.com/archives/bugtraq/2002-07/0036.html
         http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506
         https://www.redhat.com/support/errata/RHSA-2002-051.html
*>
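Added here as a defender's triage check, not part of the NSFOCUS advisory or of Squid itself: a small Python parser for Squid 2.x version strings that decides whether an installed build sorts before the fixed release 2.4.STABLE7 named above. It assumes the stage names that appear on this page (DEVEL, PRE-STABLE, STABLE) and the "Squid Cache: Version ..." banner that `squid -v` prints; the sample banners are constructed.

```python
import re

# Fixed release named in this advisory; every 2.x build before it is affected.
FIXED_VERSION = "2.4.STABLE7"

# Squid 2.x release stages, least to most mature (names as listed on this page).
_STAGE_RANK = {"DEVEL": 0, "PRE-STABLE": 1, "STABLE": 2}

_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)(?:\.(\d+))?"                # major.minor[.patch]
    r"\.?(?:(DEVEL|PRE-STABLE|STABLE)(\d*))?$"  # optional stage tag and number
)


def parse_squid_version(text):
    """Return a sortable tuple for strings such as '2.4.STABLE6', '2.4STABLE6',
    '2.3.1', or an assumed 'squid -v' banner 'Squid Cache: Version 2.4.STABLE7'."""
    m = re.search(r"Version\s+(\S+)", text)
    version = m.group(1) if m else text.strip()
    mo = _VERSION_RE.match(version)
    if not mo:
        raise ValueError("unrecognised Squid version string: %r" % text)
    major, minor, patch, stage, stage_num = mo.groups()
    # A bare '2.4' or '2.3.1' carries no stage tag; rank it as STABLE0 so that it
    # still sorts below 2.4.STABLE7 (the advisory lists such builds as affected).
    return (
        int(major),
        int(minor),
        int(patch or 0),
        _STAGE_RANK.get(stage, _STAGE_RANK["STABLE"]),
        int(stage_num or 0),
    )


def is_affected(version_text):
    """True when the version sorts before the fixed release in this advisory."""
    return parse_squid_version(version_text) < parse_squid_version(FIXED_VERSION)


if __name__ == "__main__":
    # Constructed banners in the form assumed for the first line of 'squid -v'.
    for banner in ("Squid Cache: Version 2.4.STABLE6",
                   "Squid Cache: Version 2.4.STABLE7"):
        print("%-35s affected=%s" % (banner, is_affected(banner)))
```

The comparison only answers the question this advisory poses (before or after 2.4.STABLE7); distribution packages such as the Red Hat 2.4.STABLE6-6.x builds below are backported fixes and must be judged by the package release, not by the upstream version string alone.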

Recommendations:

Workaround:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* No suitable workaround is currently available.

Vendor patches:

Conectiva
---------
Conectiva has released a security advisory (CLA-2002:506) and the corresponding patches:
CLA-2002:506: squid
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506

Patch downloads:

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/squid-2.4.7-1U60_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/squid-2.4.7-1U60_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-auth-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-doc-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-templates-2.4.7-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/squid-2.4.7-1U70_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-auth-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-doc-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/squid-templates-2.4.7-1U8_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/squid-2.4.7-1U8_3cl.src.rpm

Users of Conectiva Linux 6.0 and later can update the RPM packages with apt:

- Add the following line to /etc/apt/sources.list:
   
rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

(If you are not running version 6.0, replace 6.0 above with the appropriate version number.)

- Run:                  apt-get update
- After the update, run: apt-get upgrade

National Science Foundation
---------------------------
The vendor has released an upgrade that fixes this security issue; download it from the vendor's site:

National Science Foundation Upgrade squid-2.4.STABLE7-src.tar.gz
ftp://ftp.squid-cache.org/pub/squid-2/STABLE/squid-2.4.STABLE7-src.tar.gz

RedHat
------
RedHat has released a security advisory (RHSA-2002:051-16) and the corresponding patches:
RHSA-2002:051-16: New Squid packages available
Link: https://www.redhat.com/support/errata/RHSA-2002-051.html

Patch downloads:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/squid-2.4.STABLE6-6.6.2.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/squid-2.4.STABLE6-6.6.2.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/squid-2.4.STABLE6-6.6.2.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/squid-2.4.STABLE6-6.6.2.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/squid-2.4.STABLE6-6.7.0.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/squid-2.4.STABLE6-6.7.0.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/squid-2.4.STABLE6-6.7.0.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/squid-2.4.STABLE6-6.7.1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/squid-2.4.STABLE6-6.7.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/squid-2.4.STABLE6-6.7.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/squid-2.4.STABLE6-6.7.1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/squid-2.4.STABLE6-6.7.3.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/squid-2.4.STABLE6-6.7.3.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/squid-2.4.STABLE6-6.7.3.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/squid-2.4.STABLE6-6.7.3.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/squid-2.4.STABLE6-6.7.3.i386.rpm

Install the patch with the following command:

rpm -Fvh [filename]

This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.