安全研究
安全漏洞
Wireshark 1.0.14和1.2.9版本更新修复多个安全漏洞
发布日期:2010-06-09
更新日期:2010-07-05
受影响系统:
Wireshark Wireshark 0.8.20 - 1.2.8不受影响系统:
Wireshark Wireshark 1.2.9描述:
Wireshark Wireshark 1.0.14
BUGTRAQ ID: 40728
CVE ID: CVE-2010-2283,CVE-2010-2284,CVE-2010-2285,CVE-2010-2286,CVE-2010-2287
Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。
Wireshark的SMB、SMB PIPE协议解析模块中存在空指针引用错误,SigComp通用解码虚拟机中存在死循环和单字节溢出漏洞,ASN.1 BER协议解码器中存在栈溢出漏洞。用户受骗分析了恶意报文或读取了恶意抓包文件就可以触发这些漏洞,导致拒绝服务或执行任意代码。
<*来源:J. Oquendo
链接:http://secunia.com/advisories/40112
http://www.wireshark.org/security/wnpa-sec-2010-05.html
http://www.wireshark.org/security/wnpa-sec-2010-06.html
http://www.debian.org/security/2010/dsa-2066
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-2066-1)以及相应补丁:
DSA-2066-1:wireshark: Multiple vulnerabilities
链接:http://www.debian.org/security/2010/dsa-2066
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9.diff.gz
Size/MD5 checksum: 117318 c57282dba42788631eb9b2aafcb795b9
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz
Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9.dsc
Size/MD5 checksum: 1502 0e98ce69fc13ab36557c65c07b4b75ba
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_alpha.deb
Size/MD5 checksum: 569930 cfa45c83e5c9c44920e7aefc02953806
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_alpha.deb
Size/MD5 checksum: 731110 e311e7e59bc6e610e8168036a5690de0
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_alpha.deb
Size/MD5 checksum: 12097910 56e87a8f98c6226ad760fed96a49da02
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_alpha.deb
Size/MD5 checksum: 126986 eac9483ae6b2788128ed22939aaa2065
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_amd64.deb
Size/MD5 checksum: 659816 6fac5122d24f4941f15a9ad73498b639
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_amd64.deb
Size/MD5 checksum: 582426 0a20dce55ed1f2d1ebd7ce85c56c9cec
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_amd64.deb
Size/MD5 checksum: 11866064 9056a2c4b1de908c83a2eee224bb4c5a
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_amd64.deb
Size/MD5 checksum: 118542 b91639fd75d0f01f0b635d2906466fa7
arm architecture (ARM)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_arm.deb
Size/MD5 checksum: 10214918 247e1109f87d9eef35014125b5c0d684
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_arm.deb
Size/MD5 checksum: 111240 509b7ad83c455e51502e421671190f08
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_arm.deb
Size/MD5 checksum: 614378 e61a1effec42a968416f55eb39184d34
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_arm.deb
Size/MD5 checksum: 584478 a8f8d82419846731c5a9143a0e42df74
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_armel.deb
Size/MD5 checksum: 620384 e61474b8f78057891851e809470416c1
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_armel.deb
Size/MD5 checksum: 583854 0bb327530c4e5ec401a5074d03c19108
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_armel.deb
Size/MD5 checksum: 10219204 474007b931f7f7c8a516bde4ad166b39
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_armel.deb
Size/MD5 checksum: 113084 2bbf09b9deaa7be1e04390cdad71e8dc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_hppa.deb
Size/MD5 checksum: 584110 b2a9a17505cf8e53d3a94ff3a483995c
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_hppa.deb
Size/MD5 checksum: 694798 e9d0705311d2a1797c10f1035a05f116
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_hppa.deb
Size/MD5 checksum: 121114 c30b842eb86c1af2440714dc86a383a5
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_hppa.deb
Size/MD5 checksum: 13272482 2dfafdb7cf34a776fd6ec90adcd8a3a8
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_i386.deb
Size/MD5 checksum: 10113068 09efb0fca5f46ba65beee175b934ba13
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_i386.deb
Size/MD5 checksum: 111900 c46f23005c23bdcb7ca95bd8f4d57efd
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_i386.deb
Size/MD5 checksum: 569932 e2201aaa7f040869e4ac6878781ad4dc
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_i386.deb
Size/MD5 checksum: 619470 dbba8e61a068df42a854b765189fee43
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_ia64.deb
Size/MD5 checksum: 13687486 606d272c4f0abbb1e9f983595d8b9c81
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_ia64.deb
Size/MD5 checksum: 569910 4e3071a28cfbcd5cbe1a3be145cb66ec
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_ia64.deb
Size/MD5 checksum: 930118 859a8f3701e985ebfbeb2dfbfb15c348
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_ia64.deb
Size/MD5 checksum: 154074 284194d7a3ffeaa3b64c55eecddad25d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_mips.deb
Size/MD5 checksum: 637126 c9fd33097e71f8538744cfe81796dc37
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_mips.deb
Size/MD5 checksum: 584124 235c303d91ced163d2bdb4783ed1c1b0
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_mips.deb
Size/MD5 checksum: 113080 5d83644584a5dd00cf7c9f1d6f2c5bd7
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_mips.deb
Size/MD5 checksum: 10423592 e5bedaac3c39ba6ab485f6cdafe2430f
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_mipsel.deb
Size/MD5 checksum: 627100 a53c5133cec97a7020884c6fe5c1f30e
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_mipsel.deb
Size/MD5 checksum: 9729878 e0c65c8bc125f0613e6d68125813d5bb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_mipsel.deb
Size/MD5 checksum: 569970 d4d5c23b486bd3699d01ea8fa2f95e99
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_mipsel.deb
Size/MD5 checksum: 113396 23b6778041b23721b0819bf9042b70bb
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_powerpc.deb
Size/MD5 checksum: 584576 b31cb071b70d16de97ad4e9211cc9442
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_powerpc.deb
Size/MD5 checksum: 677432 6ecabe572aa78465c7bf298be6d534d4
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_powerpc.deb
Size/MD5 checksum: 123124 523f75e5f1cb8685bbc0475a939a9b0c
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_powerpc.deb
Size/MD5 checksum: 11228652 99688c83a5951441f09c4f8b0a6f3c20
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_s390.deb
Size/MD5 checksum: 122294 2a42d6fedac978f4ddaebf5a1ec35b92
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_s390.deb
Size/MD5 checksum: 671216 f04ef7a93b80c097edf2c55b11843521
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_s390.deb
Size/MD5 checksum: 584780 73c011dc1581e92c2a4a12a8d8b4b70c
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_s390.deb
Size/MD5 checksum: 12487580 0ba627e0d6df4bdc3422618a6450c2d1
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_sparc.deb
Size/MD5 checksum: 113460 d1b06ded2ea44e26d44ab7424bb1f174
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_sparc.deb
Size/MD5 checksum: 583604 3a4187d54fb747638bdfbeeffb9d2418
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_sparc.deb
Size/MD5 checksum: 11286898 4fcc47f9836da934431dce9840a50278
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_sparc.deb
Size/MD5 checksum: 629518 6f3df69e45a48f5845a360f2b709d150
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
Wireshark
---------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.wireshark.org/
浏览次数:3546
严重程度:0(网友投票)
绿盟科技给您安全的保障