KDE/KOffice StreamPredictor::StreamPredictor() Function Integer Overflow Vulnerability
Published: 2007-07-31
Updated: 2007-07-31
Affected systems:
KDE KOffice 1.x
Description:
BUGTRAQ ID: 25124
CVE(CAN) ID: CVE-2007-3387
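KOffice is an office application suite for Linux.
The kpdf/kword/xpdf tools included in KOffice contain a buffer overflow vulnerability in their implementation. A remote attacker can exploit it by crafting a malicious PDF file and enticing a user to process it, thereby taking control of the user's system.
kpdf/kword/xpdf share code from xpdf, and xpdf's StreamPredictor::StreamPredictor() function contains an integer overflow vulnerability. A remote attacker may exploit it by enticing a user to process a PDF document with malformed data, triggering the overflow and executing arbitrary instructions.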
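The following added example (not xpdf or KOffice source, and not part of the original advisory) illustrates this class of bug: a per-row buffer size computed from file-supplied image parameters wraps in 32-bit arithmetic, next to a checked version. The row-size formula and all names (`width`, `n_comps`, `n_bits`, both functions) are assumptions for illustration; the page does not show the affected code.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked 32-bit arithmetic. Unsigned types keep the wraparound
 * well-defined here; with signed int the overflow is undefined behaviour. */
uint32_t row_bytes_unchecked(uint32_t width, uint32_t n_comps, uint32_t n_bits)
{
    uint32_t n_vals = width * n_comps;                 /* may wrap */
    uint32_t pix_bytes = (n_comps * n_bits + 7) >> 3;  /* may wrap */
    return ((n_vals * n_bits + 7) >> 3) + pix_bytes;   /* may wrap */
}

/* Checked form: rejects non-positive fields and any product that would
 * exceed INT_MAX before multiplying. Returns 0 and sets *out on success. */
int row_bytes_checked(int width, int n_comps, int n_bits, size_t *out)
{
    if (width <= 0 || n_comps <= 0 || n_bits <= 0)
        return -1;
    if (n_comps > (INT_MAX - 7) / n_bits)
        return -1;
    int bits_per_pixel = n_comps * n_bits;
    if (width > (INT_MAX - 7) / bits_per_pixel)
        return -1;
    int line_bytes = (width * bits_per_pixel + 7) >> 3;
    int pix_bytes = (bits_per_pixel + 7) >> 3;
    *out = (size_t)line_bytes + (size_t)pix_bytes;
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from any real file. */
    size_t n = 0;
    printf("small row: unchecked=%u checked_rc=%d\n",
           (unsigned)row_bytes_unchecked(100, 3, 8),
           row_bytes_checked(100, 3, 8, &n));
    printf("huge row:  unchecked=%u checked_rc=%d\n",
           (unsigned)row_bytes_unchecked(0x20000000u, 1, 8),
           row_bytes_checked(0x20000000, 1, 8, &n));
    return 0;
}
```

With the constructed large width, the unchecked result is 1 byte for a row that needs more than 512 MiB, so any later write sized by the real row length overruns the allocation; the checked form refuses the parameters instead.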
<*Links: http://www.kde.org/info/security/advisory-20070730-1.txt
http://secunia.com/advisories/26293/
http://secunia.com/advisories/26318/
https://www.redhat.com/support/errata/RHSA-2007-0731.html
https://www.redhat.com/support/errata/RHSA-2007-0729.html
https://www.redhat.com/support/errata/RHSA-2007-0730.html
https://www.redhat.com/support/errata/RHSA-2007-0735.html
https://www.redhat.com/support/errata/RHSA-2007-0720.html
https://www.redhat.com/support/errata/RHSA-2007-0732.html
http://www.debian.org/security/2007/dsa-1350
http://www.debian.org/security/2007/dsa-1352
*>
Recommendation:
Vendor patches:
Debian
------
Debian has issued a security advisory (DSA-1350-1) and corresponding patches for this issue:
DSA-1350-1: New tetex-bin packages fix arbitrary code execution
Link: http://www.debian.org/security/2007/dsa-1350
Patch downloads:
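Patch installation:
1. Install the patch package manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)
2. Install the patch package automatically with apt-get:
First, update the internal database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade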
KDE
---
The vendor has released upgrade patches that fix this security issue; download them from the vendor's site:
KOffice 1.2.1
ftp://ftp.kde.org/pub/kde/security_patches :
eb5e65cd5fadab128c1bc5ce2211126b koffice-xpdf-CVE-2007-3387.diff
KDE 3.3.2
ftp://ftp.kde.org/pub/kde/security_patches :
d1b3248c6a7843ad3265d25adcf7aa2f post-3.5.7-kdegraphics-CVE-2007-3387.diff
RedHat
------
RedHat has issued security advisories (RHSA-2007:0731-01, RHSA-2007:0729-01, RHSA-2007:0730-01, RHSA-2007:0735-01, RHSA-2007:0720-01, RHSA-2007:0732-01) and corresponding patches for this issue:
RHSA-2007:0731-01: Important: tetex security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0731.html
RHSA-2007:0729-01: Important: kdegraphics security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0729.html
RHSA-2007:0730-01: Important: gpdf security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0730.html
RHSA-2007:0735-01: Important: xpdf security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0735.html
RHSA-2007:0720-01: Important: cups security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0720.html
RHSA-2007:0732-01: Important: poppler security update
Link: https://www.redhat.com/support/errata/RHSA-2007-0732.html
