安全研究
安全漏洞
policyd W_Read函数远程缓冲区溢出漏洞
发布日期:2007-07-11
更新日期:2007-07-18
受影响系统:
policyd policyd 1.80不受影响系统:
policyd policyd 1.81描述:
BUGTRAQ ID: 24899
CVE(CAN) ID: CVE-2007-3791
policyd是基于APF server技术的开源策略服务器,专门针对Postfix MTA,可实现SPF、Greylist、MSBL、自定义黑/白名单及并发统计等高级功能。
policyd的sockets.c文件中的w_read()函数中存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。
如果远程攻击者向有漏洞的系统发送了超长的SMTP命令的话,就可以触发这个溢出,导致拒绝服务或执行任意指令。
<*来源:Raphaël Marichez
链接:http://secunia.com/advisories/26021/
http://www.debian.org/security/2007/dsa-1361
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1361-1)以及相应补丁:
DSA-1361-1:New postfix-policyd packages fix arbitrary code execution
链接:http://www.debian.org/security/2007/dsa-1361
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1.diff.gz
Size/MD5 checksum: 11391 3b110e0653af37a0367abac9a2cc303b
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1.dsc
Size/MD5 checksum: 661 1da40619537632f9986db4da5ec1f1bf
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80.orig.tar.gz
Size/MD5 checksum: 67138 3d6caea3c5ef4a1b97816180a21a94f3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_alpha.deb
Size/MD5 checksum: 77270 07b5622f7801eb74ec409337f49581b9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_amd64.deb
Size/MD5 checksum: 74814 4aae549d216b8653e0817ed7368ed70a
arm architecture (ARM)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_arm.deb
Size/MD5 checksum: 74760 0eee0050d13f6aa3a41a52764fca3bce
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_hppa.deb
Size/MD5 checksum: 76708 52fad04d43236faf0617d1585bff6632
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_i386.deb
Size/MD5 checksum: 69196 be22b73cc4c4d9d050ba55170f161dc5
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_ia64.deb
Size/MD5 checksum: 90026 9b788319cb954d7cf687c3eb0b410eef
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_mips.deb
Size/MD5 checksum: 75046 26f79e015c2d4df43d0fe96e9a128416
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_mipsel.deb
Size/MD5 checksum: 75056 ec377db9df88eb197355451879f1c28b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_s390.deb
Size/MD5 checksum: 72406 53f9a23da464947ccd421ae5e1af99a8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/p/postfix-policyd/postfix-policyd_1.80-2.1etch1_sparc.deb
Size/MD5 checksum: 71428 548b97ce3a610f011f4e4c48d4f48dd0
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
policyd
-------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://sourceforge.net/project/shownotes.php?release_id=522366
浏览次数:2727
严重程度:0(网友投票)
绿盟科技给您安全的保障