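Multiple Stack Overflow Vulnerabilities in WordNet

Published: 2008-05-13
Updated: 2008-05-16

Affected systems:
Princeton University WordNet 3.0
Description:
BUGTRAQ  ID: 29208
CVE(CAN) ID: CVE-2008-2149

WordNet is a database of English vocabulary and its lexical relations, developed at Princeton University.

The searchwn() function in WordNet's src/wn.c and the wngrep() function in lib/search.c contain stack overflow vulnerabilities when handling overlong string arguments passed to the wn binary: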

            } else {
                sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]);
                display_message(tmpbuf);
                errcount++;
            }

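A remote attacker can trigger this overflow by sending a request containing an overlong string with an invalid command-line option, resulting in a denial of service.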
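A bounded form of the formatting call shown above, as an added example; it is not code from WordNet or from the Debian patch. The buffer size TMPBUF_SIZE and the helper name format_invalid_option() are assumptions, since the advisory does not give the size of tmpbuf.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: the advisory does not state how large tmpbuf is in wn.c. */
#define TMPBUF_SIZE 256

enum fmt_result { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = -1 };

/*
 * Bounded replacement (hypothetical helper) for
 *     sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]);
 * snprintf() never writes more than dstsize bytes (including the NUL) and
 * returns the length the full message would have had, so the caller can
 * detect truncation instead of overrunning the stack buffer.
 */
enum fmt_result format_invalid_option(char *dst, size_t dstsize, const char *arg)
{
    int n;

    if (dst == NULL || dstsize == 0 || arg == NULL)
        return FMT_ERROR;

    n = snprintf(dst, dstsize, "wn: invalid search option: %s\n", arg);
    if (n < 0) {
        dst[0] = '\0';
        return FMT_ERROR;
    }
    if ((size_t)n >= dstsize) {
        /* Message was cut: keep the line well-formed by ending it in '\n'. */
        if (dstsize >= 2)
            dst[dstsize - 2] = '\n';
        return FMT_TRUNCATED;
    }
    return FMT_OK;
}

int main(void)
{
    char tmpbuf[TMPBUF_SIZE];
    char longarg[4096];             /* constructed over-long option */

    memset(longarg, 'A', sizeof longarg - 1);
    longarg[sizeof longarg - 1] = '\0';
    if (format_invalid_option(tmpbuf, sizeof tmpbuf, "-bogus") == FMT_OK)
        fputs(tmpbuf, stderr);
    if (format_invalid_option(tmpbuf, sizeof tmpbuf, longarg) == FMT_TRUNCATED)
        fputs(tmpbuf, stderr);      /* truncated, but still inside tmpbuf */
    return 0;
}
```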

<*Source: Jukka Ruohonen (drear@iki.fi)
  
  Links: http://secunia.com/advisories/30242/
         https://bugs.gentoo.org/show_bug.cgi?format=multiple&id=211491
         http://www.debian.org/security/2008/dsa-1634
*>

Recommendations:
Vendor patches:

Debian
------
Debian has released a security advisory (DSA-1634-2) and corresponding patches for this issue:
DSA-1634-2: New wordnet packages fix regression
Link: http://www.debian.org/security/2008/dsa-1634

Patch downloads:

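Patch installation:

1. Installing the patch package manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Installing the patch package automatically with apt-get:

   First, update the internal database with the following command:
   # apt-get update

   Then install the updated packages with the following command:
   # apt-get upgrade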

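This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.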