安全研究
安全漏洞
D-Bus dbus_signature_validate()类型签名拒绝服务漏洞
发布日期:2008-10-06
更新日期:2008-10-08
受影响系统:
D-Bus D-Bus 1.2.1描述:
BUGTRAQ ID: 31602
CVE(CAN) ID: CVE-2008-3834,CVE-2009-1189
D-BUS是一个设计目标为应用程序间通信的消息总线系统。
D-BUS的_dbus_validate_signature_with_reason()函数没有正确地验证类型代码:
if (last == DBUS_DICT_ENTRY_BEGIN_CHAR &&
!dbus_type_is_basic (*p))
{
result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE;
goto out;
}
如果使用D-Bus的应用受骗验证了特制的签名的话,就可能会终止。
<*来源:schelte (schelte@wanadoo.nl)
链接:http://secunia.com/advisories/32127/
https://bugs.freedesktop.org/show_bug.cgi?format=multiple&id=17803
http://security.gentoo.org/glsa/glsa-200901-04.xml
http://www.debian.org/security/2009/dsa-1837
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
int main ()
{
return !dbus_signature_validate("a{(ii)i}", NULL);
}
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1837-1)以及相应补丁:
DSA-1837-1:New dbus packages fix denial of service
链接:http://www.debian.org/security/2009/dsa-1837
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3.diff.gz
Size/MD5 checksum: 20482 fd114e50577aade0211a25bc05ac064d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2.orig.tar.gz
Size/MD5 checksum: 1400278 0552a9b54beb4a044951b7cdbc8fc855
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3.dsc
Size/MD5 checksum: 824 0befb91739de13f92197336b6a3f3f06
Architecture independent packages:
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-doc_1.0.2-1+etch3_all.deb
Size/MD5 checksum: 1622204 67e2242179a8af1f3a7363d0d9728702
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 289142 2da5aaed2ca0e1dfe4627f2d51923a1a
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 184834 a14af28f5651f06cd41f4aa8b264d486
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 378214 95128d7c15be44464dd1a785788fdc3d
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_alpha.deb
Size/MD5 checksum: 403766 5facc50da806d2f82a1ca839e045035d
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 279294 6b0085ce0a01a81a13b068759de269b8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 348654 4d1f1c1d5c074be51b777b93b332eaf7
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 363928 54ed19ba7cbd0dd3475827c6e6df5acf
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_amd64.deb
Size/MD5 checksum: 184200 e5bc33b1e7dbfea9c372a3056e3f1848
arm architecture (ARM)
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 343960 e7c6c2269903d8dbd4422103a9e1edaf
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 265322 4e7ce3fca8c685e540092e70474e6fbd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 330958 cee5e85136606605bd290035d9452f90
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_arm.deb
Size/MD5 checksum: 183240 d7e3c477f4f4fbbc49c04b035e92ff2a
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 374136 7d297f74e9fde26e726f06f321208dae
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 286074 0a55d6aa6400d4d5750ebd92e9de7aab
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 362166 013680aca7b38c66292a8727855bfc06
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_hppa.deb
Size/MD5 checksum: 184934 061417fe2e791b5bc7abf62398b3a8a8
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 335758 605f4f911d8445b74cbd46ede0fcfb89
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 268688 c64ca51e9e04d1e961a8db7132ba4e08
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 184134 58672102a58bca326f4ba09c5bf3666a
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_i386.deb
Size/MD5 checksum: 348012 ae8f836c9e5b631eb421f3b86dc78f49
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 370052 f8ea51037f985d6b8f2a288b9a813ccd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 359844 b0b0956206921cff260c531aa9286f21
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 184240 4dd808980afe395d6909549614fab214
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_mips.deb
Size/MD5 checksum: 272764 7ceea85232267e0a80f4fd5cb38ddf09
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 369664 07d0e90fc376acf855563baec0293856
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 184260 f81b2223f912a359a4fd7bc1f61ba7e4
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 358830 947820464929873955f7f6a427403838
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_mipsel.deb
Size/MD5 checksum: 272442 3d19769e8260b3d434e6dd577d72c5c0
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 184222 c06ffd6735f13d9f6c9301a0dd487efd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 335910 9fe78e085108bbacb7f04566247aa51e
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 271718 021c33a25a85bcdc394fc0c5af784256
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_powerpc.deb
Size/MD5 checksum: 353656 9e40213397ea8306184da6c8e0bcb070
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 184266 d82e92039c32386a69e0f1b119820ae8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 265144 d7f6e34015d0adc757942c6d1dae3c56
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 341300 3bb2b297ebd12d562b0185b6b58196a8
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch3_sparc.deb
Size/MD5 checksum: 337130 1b9530365393919e15ffce3a695441ea
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1.dsc
Size/MD5 checksum: 1608 e084fe269b41c84cdeaafae2b2633e9f
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1.orig.tar.gz
Size/MD5 checksum: 1406833 b57aa1ba0834cbbb1e7502dc2cbfacc2
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1.diff.gz
Size/MD5 checksum: 39470 6b875822ae5036ba8bf83f2fae11fbf0
Architecture independent packages:
http://security.debian.org/pool/updates/main/d/dbus/dbus-1-doc_1.2.1-5+lenny1_all.deb
Size/MD5 checksum: 1830232 317e72d84e019f0006d84e9579fa4b66
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 380740 b75e7906989484738737bc2e5e6bf66a
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 290338 fa8f5deeed2593a790283210375bde43
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 170160 810c545ad2bf6212fcb745f10f3d39c9
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_alpha.deb
Size/MD5 checksum: 66942 c810abd2e002daefa1f24942367208ce
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 259300 9086503f08d3a4970c966cb1461b8309
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 162880 12a802692ae3d1774a5cb2a55fee7abe
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 64710 62a4fbb57742faed71a853cd7c6d5443
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_amd64.deb
Size/MD5 checksum: 249006 966d8f20171594a83abd09251c277dd1
arm architecture (ARM)
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 63812 f9acaf50dd1440312f9b3eb9e8ce5665
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 223424 20befb04db3b6ae82fb152354be8cf1f
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 238514 0369f89685fa04a26ba050b5ae718368
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_arm.deb
Size/MD5 checksum: 144958 da65511355a4e4484042fd7377e2f520
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 146562 64f4b077e7457a400ad88b8cfd6d9b57
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 239468 89ddd32404daff070f43848aad9369c3
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 63572 b67421a112b6bf92b47246c2ebd4618d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_armel.deb
Size/MD5 checksum: 228326 096d983dcd56905b8d35a1a109dcd742
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 263164 2a856048b8c09b075f089ae2551c356f
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 163954 dd2a4efdbca917a569d6520be368336c
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 270676 6ada153b9ff39dfd8a75c08a2a186784
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_hppa.deb
Size/MD5 checksum: 64868 5a8bc1e82107effab796c04e6c05592d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 64064 64e2b9c17836231e7abc0aff34690001
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 235620 ac4307dc10c03340beeb13eefac1f600
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 230180 7ca48ece6eb966598f45394fa6f61ecb
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_i386.deb
Size/MD5 checksum: 148370 a6fef063aace9660fcd7b518a1658299
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 297824 15211d3862458004a9f10b6968d839e3
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 68598 e8d496cdde34439f3e8545f51b875a1d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 487536 4b94b66cd09d99250b8d78bab7a51cc3
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_ia64.deb
Size/MD5 checksum: 205560 a3943a7fde111a5fad1fb33a0b01471d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 247202 c5b66959665d900dee20b069d205db0a
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 257016 ca8b0fc29104a6483f2ce45346d3c2dd
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 150832 c89353aaf1ff0acf40379b59c903153c
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_mips.deb
Size/MD5 checksum: 64498 8f61fda7a3f7adf0e3069ad4535febf1
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 256382 7a3757146955ab439ca286aa9fc6dd94
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 64528 e82065ecb4221b024d0fa0f7716b3a4a
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 246102 38f40717cb0f202e99067a484ce80848
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_mipsel.deb
Size/MD5 checksum: 150130 5658d2cdf77ad75b314f781f9630a8e3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 157156 8ce5392e803ce8b824865362c5e7ceaf
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 243468 31c4739ae2908480d9dadf21f243a76d
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 252104 af29662c0e472962196a03d9bcac0624
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_powerpc.deb
Size/MD5 checksum: 67286 5d871cb882a468fc0d21981024b7bd5e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 145182 7493ade5ef50256253977a3c708a87dd
http://security.debian.org/pool/updates/main/d/dbus/dbus_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 254556 8f8bc903fe5eb131a75cbfd0f282cc21
http://security.debian.org/pool/updates/main/d/dbus/dbus-x11_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 63946 4e1a64b89ca25775553e7653cf2cb3eb
http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.2.1-5+lenny1_sparc.deb
Size/MD5 checksum: 235150 7e6ab5023ad36c713a0eff40e6f60045
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200901-04)以及相应补丁:
GLSA-200901-04:D-Bus: Denial of Service
链接:http://security.gentoo.org/glsa/glsa-200901-04.xml
所有D-Bus用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/dbus-1.2.3-r1"
D-Bus
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://admin.fedoraproject.org/updates/dbus-1.2.4-1.fc9
浏览次数:3050
严重程度:0(网友投票)
绿盟科技给您安全的保障