绿盟科技NSFOCUS安全漏洞系统

安全研究

安全漏洞

SILC工具包command.c多个格式串漏洞

发布日期：2009-08-10
更新日期：2009-09-11

受影响系统：

SILC Toolkit < 1.1.10

不受影响系统：

SILC Toolkit 1.1.10

描述：

BUGTRAQ  ID: 36193
CVE(CAN) ID: CVE-2009-3051,CVE-2009-3163

SILC工具包是用于实现SILC（Secure Internet Live Conferencing）协议的软件开发工具包。

SILC工具包的lib/silcclient/command.c文件中存在多个格式串漏洞，远程攻击者可以通过在通道名称或昵称中包含恶意的格式串标识符导致以运行SILC客户端用户的权限执行任意指令。

<*来源：SILC

  链接：http://www.openwall.com/lists/oss-security/2009/08/31/5
        http://www.debian.org/security/2009/dsa-1879
        http://www.gentoo.org/security/en/glsa/glsa-201006-07.xml
*>

建议：

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-1879-1）以及相应补丁:
DSA-1879-1：New silc-client/silc-toolkit packages fix arbitrary code execution
链接：http://www.debian.org/security/2009/dsa-1879

补丁下载：

Source archives:

http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.dsc
Size/MD5 checksum:     1430 eff8a733cf7e4db92296533394f42b22
http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7.orig.tar.gz
Size/MD5 checksum:  2678989 4f2fa6678f4801fd7087b4f92dada6ee
http://security.debian.org/pool/updates/main/s/silc-toolkit/silc-toolkit_1.1.7-2+lenny1.diff.gz
Size/MD5 checksum:    16935 1e5d1151029379a7ba135799dc1cd166
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.dsc
Size/MD5 checksum:     1380 29601c3569b30b5e3d3307689c9c25f8
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4.orig.tar.gz
Size/MD5 checksum:  2202993 979d46c78ace2dade513f33ad0081e85
http://security.debian.org/pool/updates/main/s/silc-client/silc-client_1.1.4-1+lenny1.diff.gz
Size/MD5 checksum:    11593 efa43890947e5ba7a34631c689abcb60

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum:   788516 0cd53c076d01f2ed2f3126385c2ec4e8
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_alpha.deb
Size/MD5 checksum:   720306 b21343d40a367e08b0e215b4a7575d4d
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum:  2291652 9dc47295123af7ed95cdf10f2bb48f94
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_alpha.deb
Size/MD5 checksum:   684328 674dd1d1da7fcbd87789fb53a4128bef
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_alpha.deb
Size/MD5 checksum:   602432 76d7f386a31c02a31fefb10167611dea

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum:  2010710 669d1bd65dc987f4e27263ddd427409d
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum:   816352 569993e597e2bfb086558d79cf404404
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_amd64.deb
Size/MD5 checksum:   575504 8961ff37ee74c66f26ad8115e152e8a8
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_amd64.deb
Size/MD5 checksum:   682922 69d0986a3ee58796abcbd49bb67596e7
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_amd64.deb
Size/MD5 checksum:   636202 0be0cf64803db8179887baa654636a05

arm architecture (ARM)

http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_arm.deb
Size/MD5 checksum:   530304 ef44fd7a87532a5eaa233bf8ff0fe35c
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_arm.deb
Size/MD5 checksum:  1970220 af591e1b1256e237bc3874dc1436dcf8
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_arm.deb
Size/MD5 checksum:   596952 a3f7b72e6f6afa8b112a976f81402211
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_arm.deb
Size/MD5 checksum:   637190 1918f391d001728b090d1eccd29a1591
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_arm.deb
Size/MD5 checksum:   729096 43b9f94059b92f89d6c0b369d4d0af03

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_armel.deb
Size/MD5 checksum:  1962612 4decc400c81cc614b92e4a1ad30ed1af
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_armel.deb
Size/MD5 checksum:   733882 423ec8e7059493bc0fc18e82b806f285
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_armel.deb
Size/MD5 checksum:   532724 29c468a23b0ea6ed185011b32301a62f
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_armel.deb
Size/MD5 checksum:   633846 fb04296b8cafd4e7d963fa7b76aaeb72
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_armel.deb
Size/MD5 checksum:   593904 35f18b5885bbc7d0c3d8266f80b4972e

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_hppa.deb
Size/MD5 checksum:   706862 f1d684f275d2856b5901c6ba281e2c6c
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_hppa.deb
Size/MD5 checksum:  2071298 faf1c7e0ce3ecb2d8f7b7bfda1a8c8e8
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_hppa.deb
Size/MD5 checksum:   748138 bca4aef69adacc2ad3916dec73fa39e2
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_hppa.deb
Size/MD5 checksum:   580570 17528232c8afce64d1001ee70ed51cfd
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_hppa.deb
Size/MD5 checksum:   657840 33e4113f1fe83f46d37fbc402c75cdd2

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_i386.deb
Size/MD5 checksum:  1958352 6e52615a8b32b370b494137f0300feb2
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_i386.deb
Size/MD5 checksum:   757594 d497653d4099715dd6fd93e05b040628
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_i386.deb
Size/MD5 checksum:   613194 ced6311eecca14af5769eb5f8b0c31c5
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_i386.deb
Size/MD5 checksum:   654282 ec5871f734bdbe786fea918239f03e54
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_i386.deb
Size/MD5 checksum:   535140 c337b0f6e4af21cbdf4a78e69f064469

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_ia64.deb
Size/MD5 checksum:   831536 62b8713afd7d9fbe131991906b0dbb97
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_ia64.deb
Size/MD5 checksum:   775238 956a12f89fa6726c7b3a6a7bcb75468b
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_ia64.deb
Size/MD5 checksum:   736840 0204a4e63142577df5144a6130a5ce2c
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_ia64.deb
Size/MD5 checksum:   691606 01a3e15fdbe685d4f07e3bf03c912315
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_ia64.deb
Size/MD5 checksum:  1798590 aa499f0a6891b564a8a8c710416c609d

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_mipsel.deb
Size/MD5 checksum:   543784 d03b80092bd257a9063583688dccb56a
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_mipsel.deb
Size/MD5 checksum:   596180 3fd8c7843ec4bbd84b5e0e6f190caa52
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_mipsel.deb
Size/MD5 checksum:   629238 d61e7398ccfc2bf304698c4ba753dca0
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_mipsel.deb
Size/MD5 checksum:   766454 d1da8cc53723cad21cbbae1509202fb7
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_mipsel.deb
Size/MD5 checksum:  1648330 b53fbf48b759f8ed6e73f57f5b80ec96

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_powerpc.deb
Size/MD5 checksum:   676340 30c793888c95438921365283010c93d1
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_powerpc.deb
Size/MD5 checksum:   759318 d06fa7e4b07582a55db2af4ea3c4b59f
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_powerpc.deb
Size/MD5 checksum:   568176 3ab7e328f4b77832efbd25aac2ed9411
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_powerpc.deb
Size/MD5 checksum:   641016 a324bb31b852d1263d368e5c52c9ad57
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_powerpc.deb
Size/MD5 checksum:  1606250 6064261f608218c011229c2ac3e955bb

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_s390.deb
Size/MD5 checksum:   688236 c74f47601419f18507d11e8ed96b5fce
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_s390.deb
Size/MD5 checksum:   647672 6fc21eb1bac7df10cf097ad9946ff73f
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_s390.deb
Size/MD5 checksum:   767682 dd900105226d9b8477144394d9db91f7
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_s390.deb
Size/MD5 checksum:   577372 0c664657507445643e307f75b7591b11
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_s390.deb
Size/MD5 checksum:  1597620 f46831f1d0039b369670d5d0c2e4dfc7

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2_1.1.7-2+lenny1_sparc.deb
Size/MD5 checksum:   604228 37f7538fc5407a74d561a7e77d5fd063
http://security.debian.org/pool/updates/main/s/silc-client/irssi-plugin-silc_1.1.4-1+lenny1_sparc.deb
Size/MD5 checksum:   644262 0dc6b8b64ba99bfd73b9f0209ef443da
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dev_1.1.7-2+lenny1_sparc.deb
Size/MD5 checksum:  1986452 ccea49c8bda9cd6d1199668a34456eda
http://security.debian.org/pool/updates/main/s/silc-client/silc_1.1.4-1+lenny1_sparc.deb
Size/MD5 checksum:   542290 18a8c0d447f2f57496c283480b3194e7
http://security.debian.org/pool/updates/main/s/silc-toolkit/libsilc-1.1-2-dbg_1.1.7-2+lenny1_sparc.deb
Size/MD5 checksum:   707320 e46a755fa1382dbfd179a7d50b129508

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update

   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

Gentoo
------
Gentoo已经为此发布了一个安全公告（GLSA 201006-07）以及相应补丁:
GLSA 201006-07：SILC: Multiple vulnerabilities
链接：http://www.gentoo.org/security/en/glsa/glsa-201006-07.xml

SILC
----
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff;h=8cb801cf6482666818e721822ce81c81ec818908

浏览次数：3857
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客