安全研究
安全漏洞
TCL/TK Tk工具包ReadImage()函数GIF文件解析栈溢出漏洞
发布日期:2008-02-06
更新日期:2008-06-23
受影响系统:
John Ousterhout Tcl < 8.5.1不受影响系统:
John Ousterhout Tcl 8.5.1描述:
BUGTRAQ ID: 27655
CVE(CAN) ID: CVE-2008-0553
Tcl是一种简明,高效,可移植的编程语言。
在Tcl的Tk工具包中,tkImgGIF.c文件的ReadImage()函数没有正确地验证从GIF图形中所读取的initialCodeSize值。如果用户受骗打开了恶意的GIF图形文件的话,就可能触发栈溢出,导致执行任意指令。
<*来源:Tomas Hoger (thoger@redhat.com)
链接:http://secunia.com/advisories/26942/
https://bugzilla.redhat.com/long_list.cgi?buglist=431518
http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894
http://www.debian.org/security/2008/dsa-1490
http://www.debian.org/security/2008/dsa-1491
https://www.redhat.com/support/errata/RHSA-2008-0135.html
https://www.redhat.com/support/errata/RHSA-2008-0134.html
https://www.redhat.com/support/errata/RHSA-2008-0136.html
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1491-1)以及相应补丁:
DSA-1491-1:New tk8.4 packages fix arbitrary code execution
链接:http://www.debian.org/security/2008/dsa-1491
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9.orig.tar.gz
Size/MD5 checksum: 3266500 1b64258abaf258e9a86f331d8de17a71
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2.diff.gz
Size/MD5 checksum: 19342 41a2a5bc9b62ecb6bbae8ef6bf9cc23d
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2.dsc
Size/MD5 checksum: 672 591b8bd996be45daee43dcb0cd1f8815
Architecture independent packages:
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-doc_8.4.9-1sarge2_all.deb
Size/MD5 checksum: 775312 89ad74c73bdfed9b2811a05a08b5fe92
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_alpha.deb
Size/MD5 checksum: 940460 5118b63aafb55fd885d6360361e39e7c
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_alpha.deb
Size/MD5 checksum: 1031446 68fefac513706a03f7c7fb7fcd04d9b9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_amd64.deb
Size/MD5 checksum: 810124 632854f78763d41d1b9d65b5da1b2909
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_amd64.deb
Size/MD5 checksum: 976424 21a43a779b8ed88bc57a37b779380caa
arm architecture (ARM)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_arm.deb
Size/MD5 checksum: 823992 161c57a5130d0be1a0538531b33b344c
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_arm.deb
Size/MD5 checksum: 945242 357bd0c48a6582112b2266d4e816e3e7
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_hppa.deb
Size/MD5 checksum: 912888 10d8447e4958053c0c6526e4da09e0fb
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_hppa.deb
Size/MD5 checksum: 1046614 3c2f17f53f9556f47c953d96495c4a40
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_i386.deb
Size/MD5 checksum: 956188 e5622c965da1e8d140f2e4f200133d00
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_i386.deb
Size/MD5 checksum: 793374 1c69c159005de29b0972924005776eb8
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_ia64.deb
Size/MD5 checksum: 1053448 3d8a54d72c65db72771171b86a4a12fa
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_ia64.deb
Size/MD5 checksum: 1182510 050234d3ee71b5aca66e9a743804239c
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_m68k.deb
Size/MD5 checksum: 696458 35db6210d983f12250e0970c17b2e31b
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_m68k.deb
Size/MD5 checksum: 909280 9c61aac16b366c5c05eedb2022e72ed6
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_mips.deb
Size/MD5 checksum: 838884 f4509833e2022ff4c9251526697db137
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_mips.deb
Size/MD5 checksum: 974098 ebedb583012e093aafeeb2185ddd20cf
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_mipsel.deb
Size/MD5 checksum: 834690 6dadf0e560251c7c3374e7084e8da83b
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_mipsel.deb
Size/MD5 checksum: 972004 d66acaffd44af8463f74710a7601fefd
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_powerpc.deb
Size/MD5 checksum: 972350 f4a9e8bf74f42b25c34db8f1568c9d8d
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_powerpc.deb
Size/MD5 checksum: 810052 e9701b9dca60a3fdd84c46c1f555dd83
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_s390.deb
Size/MD5 checksum: 807464 d4d73b1478eae680b2003fdec6f4ceb3
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_s390.deb
Size/MD5 checksum: 979890 8bfb0cc0fd20a4b0d8487df2e692add8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.9-1sarge2_sparc.deb
Size/MD5 checksum: 958298 31f02fcdbb4063289c50e3e92cef6378
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.9-1sarge2_sparc.deb
Size/MD5 checksum: 806214 3cb0e95afa875185fe457ef7d317f9db
Debian 4.0 (stable)
- -------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2.dsc
Size/MD5 checksum: 673 8a67dd58d45ad9c4705102a2de8d6987
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12.orig.tar.gz
Size/MD5 checksum: 3245547 316491cb82d898b434842353aed1f0d6
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2.diff.gz
Size/MD5 checksum: 21747 77aa57e251bf839048c9048af5ba20ad
Architecture independent packages:
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-doc_8.4.12-1etch2_all.deb
Size/MD5 checksum: 788438 d8614ab0eeaea332d7f85b7635093c98
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_alpha.deb
Size/MD5 checksum: 968030 3fc751321940ad0bbc2322e48b6e8339
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_alpha.deb
Size/MD5 checksum: 1050864 c3dc809a22c8690810ef707a52f8b1fe
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_amd64.deb
Size/MD5 checksum: 1008902 80d89dcf9bc8d600269584bbe2f28e91
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_amd64.deb
Size/MD5 checksum: 839362 58db7235b1da2ea5e3ee391f8224c5f3
arm architecture (ARM)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_arm.deb
Size/MD5 checksum: 793906 375b065e080b63584ab7ee902d4e70e0
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_arm.deb
Size/MD5 checksum: 971658 226561f98ba563d0903a60f1f694fef7
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_hppa.deb
Size/MD5 checksum: 1073442 46ecf3cef8d61feba191f9c9d3f5cc2e
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_hppa.deb
Size/MD5 checksum: 931724 00de88d90abc1ec6424b5d0addf6b1c4
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_i386.deb
Size/MD5 checksum: 977632 015be44e613a751af013c706c0b87ab2
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_i386.deb
Size/MD5 checksum: 820786 586b4a3739f1c4f658e13e70f851d57c
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_ia64.deb
Size/MD5 checksum: 1136290 b98650c6ecab03b0fee872e1907411c5
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_ia64.deb
Size/MD5 checksum: 1259618 d69ea6067cdb6528be0cd686b5c00696
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_mips.deb
Size/MD5 checksum: 877896 cf9a61ae0049a26815e56ab2ab02dd87
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_mips.deb
Size/MD5 checksum: 1000308 149a697aa365874121d524b5f6614d50
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_mipsel.deb
Size/MD5 checksum: 999208 4d12b599580d276d09b940defe2456da
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_mipsel.deb
Size/MD5 checksum: 875858 4beeaf45a820b04da0d488246d518c79
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_powerpc.deb
Size/MD5 checksum: 998938 49b55bf5805216d61f976585c8528b14
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_powerpc.deb
Size/MD5 checksum: 807072 a68c5a00c1d17b0f8070b70f91edca11
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_s390.deb
Size/MD5 checksum: 1016866 020ee08295df231dba7100d68f4306b1
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_s390.deb
Size/MD5 checksum: 847188 6bfb7c319ef6bf4a1cff60a291b32cca
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4_8.4.12-1etch2_sparc.deb
Size/MD5 checksum: 978996 16b0c114b0feb65c39b7d453b294a348
http://security.debian.org/pool/updates/main/t/tk8.4/tk8.4-dev_8.4.12-1etch2_sparc.deb
Size/MD5 checksum: 826650 baaac055088de0ea43775911f1d6c009
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2008:0136-01)以及相应补丁:
RHSA-2008:0136-01:Moderate: tk security update
链接:https://www.redhat.com/support/errata/RHSA-2008-0136.html
John Ousterhout
---------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.tcl.tk/software/tcltk/download.html
浏览次数:5025
严重程度:0(网友投票)
绿盟科技给您安全的保障