Multiple memory corruption vulnerabilities in the libicu library
Release date: 2008-01-25
Updated: 2008-01-28
Affected systems:
ICU Project libicu 3.8.1
Description:
BUGTRAQ ID: 27455
CVE(CAN) ID: CVE-2007-4770, CVE-2007-4771
International Components for Unicode (ICU) is a C/C++ and Java library that provides Unicode and globalization support to software applications.
ICU contains a heap overflow when processing malformed regular expressions; a local attacker could exploit it to crash applications that use the ICU library.
The doInterval function at line 976 of regexcmp.cpp in the ICU library does not check that the upper interval bound is not -1, so a malicious user-supplied regular expression can trigger a heap overflow. In addition, during regular expression compilation an invalid backreference can refer to the nonexistent capture group 0, which leads to later use of corrupted REStackFrames and a crash on read or write operations.
<*Source: Will Drewry (wad@google.com)
Links: http://secunia.com/advisories/28575/
http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com
https://bugzilla.redhat.com/long_list.cgi?buglist=429025
https://bugzilla.redhat.com/long_list.cgi?buglist=429023
http://secunia.com/advisories/29291/
https://www.redhat.com/support/errata/RHSA-2008-0090.html
http://www.debian.org/security/2008/dsa-1511
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-233922-1
http://security.gentoo.org/glsa/glsa-200803-20.xml
*>
Recommendations:
Vendor patches:
Debian
------
Debian has released a security advisory (DSA-1511-1) and corresponding patches for this issue:
DSA-1511-1: New libicu packages fix multiple problems
Link: http://www.debian.org/security/2008/dsa-1511
Patch downloads:
Source archives:
http://security.debian.org/pool/updates/main/i/icu/icu_3.6.orig.tar.gz
Size/MD5 checksum: 9778863 0f1bda1992b4adca62da68a7ad79d830
http://security.debian.org/pool/updates/main/i/icu/icu_3.6-2etch1.dsc
Size/MD5 checksum: 591 13dcea6b1c9a282147b99c4867db6ee8
http://security.debian.org/pool/updates/main/i/icu/icu_3.6-2etch1.diff.gz
Size/MD5 checksum: 9552 82e560098b24b245872b163a522a80b8
Architecture independent packages:
http://security.debian.org/pool/updates/main/i/icu/icu-doc_3.6-2etch1_all.deb
Size/MD5 checksum: 3332194 5da76263265814905245b97daec4c1c3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_alpha.deb
Size/MD5 checksum: 7028746 b6b13d0fa262501923c97a859b400d10
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_alpha.deb
Size/MD5 checksum: 5581984 0cd37ce9f234b9207accc424dc191f49
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_amd64.deb
Size/MD5 checksum: 6585582 9fe0ee74625a985628c9af096dd13827
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_amd64.deb
Size/MD5 checksum: 5444228 250851db4a613e9a5d0029d73c1196c0
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_arm.deb
Size/MD5 checksum: 6631114 a73ff442415ca3bc336f1fb49e3aa701
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_arm.deb
Size/MD5 checksum: 5458358 c6d533fd7c1c51efbac58d2a96a386fb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_hppa.deb
Size/MD5 checksum: 7090294 aadca0bc8fb9307ea7fe293406a10e5f
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_hppa.deb
Size/MD5 checksum: 5909956 07bd8e6c733072fca8b96cc10e210a68
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_i386.deb
Size/MD5 checksum: 5468656 532aa02d6d67d4b6527ac8c29c9d110e
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_i386.deb
Size/MD5 checksum: 6465540 bfd4d908b552bba2d871771f86369ec7
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_ia64.deb
Size/MD5 checksum: 7238880 10b410fcd460e47c3619de88167b74f5
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_ia64.deb
Size/MD5 checksum: 5865536 dbc0ec913f08682cec4f1b75d35e0531
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_mips.deb
Size/MD5 checksum: 7047506 c0b327e8229d1d4d33131453cdac6508
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_mips.deb
Size/MD5 checksum: 5748172 126a2f0bb4b61cc54d70edb882191576
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_powerpc.deb
Size/MD5 checksum: 5747754 8bc631ad394a86e11c24c5b9ffd76f1d
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_powerpc.deb
Size/MD5 checksum: 6888906 c5542d6d957327fd6f540029f4195772
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_s390.deb
Size/MD5 checksum: 5776762 16a114247a39201f3966ff4f22b80342
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_s390.deb
Size/MD5 checksum: 6895102 15624240d20d2e0aa7a29bbc90895908
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_sparc.deb
Size/MD5 checksum: 5671256 2c7a50b1fe50dbe4b3ef8995d91e5946
http://security.debian.org/pool/updates/main/i/icu/libicu36-dev_3.6-2etch1_sparc.deb
Size/MD5 checksum: 6771832 84a95a10934106c8cfc409032191de98
Patch installation:
1. Install the patch packages manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)
2. Install the patch packages automatically with apt-get:
First, refresh the local package database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade
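Before and after applying the Debian update, an administrator usually wants to confirm which hosts still carry a libicu package below the fixed version listed in DSA-1511-1 (3.6-2etch1 for libicu36 and libicu36-dev). The following added example is not part of this advisory or of any vendor's tooling: it implements the dpkg version-ordering rules (epoch, upstream part, Debian revision, with "~" sorting before everything) and applies them to output in the format of `dpkg-query -W -f='${Package}\t${Version}\n'`. The sample output embedded at the bottom is constructed for illustration, not captured from a real host.

```python
import sys

# Fixed versions for Debian 4.0 (etch), taken from DSA-1511-1 above.
FIXED_DEBIAN_ETCH = {
    "libicu36": "3.6-2etch1",
    "libicu36-dev": "3.6-2etch1",
}


def _order(c):
    """dpkg ordering for non-digit characters: '~' < end-of-string < letters < others."""
    if c == "~":
        return -1
    if c == "":
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_fragment(a, b):
    """Compare two version fragments (upstream part or Debian revision) with dpkg rules."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run: compare character by character using dpkg's ordering.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ca = a[i] if i < len(a) and not a[i].isdigit() else ""
            cb = b[j] if j < len(b) and not b[j].isdigit() else ""
            oa, ob = _order(ca), _order(cb)
            if oa != ob:
                return -1 if oa < ob else 1
            if ca:
                i += 1
            if cb:
                j += 1
        # Digit run: compare numerically (a missing run counts as 0).
        sa = i
        while i < len(a) and a[i].isdigit():
            i += 1
        sb = j
        while j < len(b) and b[j].isdigit():
            j += 1
        na = int(a[sa:i]) if i > sa else 0
        nb = int(b[sb:j]) if j > sb else 0
        if na != nb:
            return -1 if na < nb else 1
    return 0


def _split(version):
    """Split 'epoch:upstream-revision' into its three parts (epoch defaults to 0)."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(v1, v2):
    """Return -1, 0 or 1 according to whether Debian version v1 is <, == or > v2."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    c = _cmp_fragment(u1, u2)
    if c != 0:
        return c
    return _cmp_fragment(r1, r2)


def find_vulnerable(dpkg_output, fixed=FIXED_DEBIAN_ETCH):
    """Return (package, version) pairs whose installed version is below the fixed one.

    dpkg_output is text in the format of `dpkg-query -W -f='${Package}\\t${Version}\\n'`.
    """
    found = []
    for line in dpkg_output.splitlines():
        if not line.strip():
            continue
        pkg, _, ver = line.partition("\t")
        pkg, ver = pkg.strip(), ver.strip()
        if pkg in fixed and compare_versions(ver, fixed[pkg]) < 0:
            found.append((pkg, ver))
    return found


# Constructed sample output (hypothetical host, not real data).
SAMPLE_DPKG_OUTPUT = (
    "libicu36\t3.6-2\n"
    "libicu36-dev\t3.6-2etch1\n"
    "libc6\t2.3.6.ds1-13etch4\n"
)

if __name__ == "__main__":
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_DPKG_OUTPUT
    for pkg, ver in find_vulnerable(data):
        print(f"{pkg} {ver} is below the fixed version {FIXED_DEBIAN_ETCH[pkg]}")
```

Run it as `dpkg-query -W -f='${Package}\t${Version}\n' | python3 check_icu.py` on an etch host, or without input to see the constructed sample. On the sample, only libicu36 3.6-2 is reported; libicu36-dev is already at 3.6-2etch1. The comparator only knows the Debian scheme, so Gentoo's "3.8.1-r1" or the upstream maint-3-8 branch must be checked with their own tools.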
RedHat
------
RedHat has released a security advisory (RHSA-2008:0090-01) and corresponding patches for this issue:
RHSA-2008:0090-01: Important: icu security update
Link: https://www.redhat.com/support/errata/RHSA-2008-0090.html
Sun
---
Sun has released a security advisory (Sun-Alert-233922) and corresponding patches for this issue:
Sun-Alert-233922: Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS)
Link: http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-233922-1
Gentoo
------
Gentoo has released a security advisory (GLSA-200803-20) and corresponding patches for this issue:
GLSA-200803-20: International Components for Unicode: Multiple
Link: http://security.gentoo.org/glsa/glsa-200803-20.xml
All International Components for Unicode users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/icu-3.8.1-r1"
ICU Project
-----------
The vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's home page:
http://source.icu-project.org/repos/icu/icu/branches/maint/maint-3-8
