Net-SNMP Trap and Request Handling Vulnerabilities

Published: 2002-02-27
Updated: 2002-03-04

Affected systems:

Net-SNMP ucd-snmp 4.1.1
    - Debian Linux 2.2
Net-SNMP ucd-snmp 4.2.1
    - Caldera OpenLinux Server 3.1.1
    - Caldera OpenLinux Server 3.1
    - Caldera OpenLinux Workstation 3.1.1
    - Caldera OpenLinux Workstation 3.1
    - eServer 2.3.1
    - FreeBSD 4.5
    - FreeBSD 4.4
    - FreeBSD 4.3
    - FreeBSD 4.2
    - RedHat Linux 7.2 ia64
    - RedHat Linux 7.2 x86
    - RedHat Linux 7.1 ia64
    - RedHat Linux 7.1
    - RedHat Linux 7.1 alpha
    - RedHat Linux 7.1 x86
    - RedHat Linux 7.0 x86
    - RedHat Linux 7.0 alpha
    - RedHat Linux 7.0
    - RedHat Linux 6.2
    - RedHat Linux 6.2 sparc
    - RedHat Linux 6.2 alpha
    - RedHat Linux 6.2 x86
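Unaffected systems:

Description:

BUGTRAQ ID: 4203

Net-SNMP is a free, open-source SNMP implementation, formerly known as UCD-SNMP. SNMP requests are sent from a management system to an agent, usually to retrieve information about a device or to change its settings. SNMP traps are messages sent from an agent to the management system, typically to notify it when certain events occur and to report the agent's status.

Some older versions of Net-SNMP contain multiple buffer overflow vulnerabilities that a remote attacker may be able to use to gain administrative privileges on the host running the Net-SNMP service.

Multiple SNMP implementations are vulnerable; this Net-SNMP issue is one of them.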

<*Source: Oulu University Secure Programming Group
  
  Links: http://archives.neohapsis.com/archives/bugtraq/2002-02/0353.html
        http://www.cert.org/advisories/CA-2002-03.html
        http://www.caldera.com/support/security/advisories/CSSA-2002-004.0.txt
        http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-014.php3
        https://www.redhat.com/support/errata/RHSA-2001-163.html
        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:11.snmp.asc
        http://www.debian.org/security/2002/dsa-111
*>

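Recommendations:

Temporary workarounds:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* If the SNMP service is not required, disable it.

* Apply access control to the SNMP service ports so that only trusted users can reach them.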
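
One way to apply the access-control workaround above with a host packet filter, as an added example that is not part of the original advisory. It assumes a Linux host with iptables and SNMP on its default UDP ports (161 for requests, 162 for traps); the function names, chain name and sample addresses (documentation range) are hypothetical.

```shell
#!/bin/sh
# Added example: generate iptables rules that admit SNMP traffic only from
# trusted peers. Filtering in the packet filter drops untrusted datagrams
# before the SNMP daemon ever parses them.

# Return 0 if $1 looks like a dotted-quad IPv4 address with optional /prefix.
# (Octet ranges are not checked here; iptables itself rejects e.g. 999.1.1.1.)
is_ipv4_cidr() {
    case "$1" in
        ''|*[!0-9./]*) return 1 ;;   # reject empty input, spaces, newlines, shell metacharacters
    esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# snmp_acl_rules PORT SOURCE...
#   PORT   161 on a host running an agent (SOURCE = trusted managers)
#          162 on a host receiving traps  (SOURCE = trusted agents)
# Prints one iptables command per line. On bad input prints nothing to
# stdout and returns 1, so a partial rule set is never produced.
snmp_acl_rules() {
    port=$1
    case "$port" in
        161|162) shift ;;
        *) echo "port must be 161 or 162" >&2; return 1 ;;
    esac
    [ "$#" -gt 0 ] || { echo "at least one trusted source required" >&2; return 1; }
    for src in "$@"; do
        is_ipv4_cidr "$src" || { echo "invalid source: $src" >&2; return 1; }
    done

    chain="SNMP-ACL-$port"
    echo "iptables -N $chain"
    for src in "$@"; do
        echo "iptables -A $chain -s $src -j ACCEPT"
    done
    echo "iptables -A $chain -j DROP"          # everything else is dropped
    echo "iptables -I INPUT -p udp --dport $port -j $chain"
}

# Constructed sample: one management station and one management subnet.
snmp_acl_rules 161 192.0.2.10 192.0.2.32/28
```

Review the printed rules, then run them as root (for example by piping the output to `sh`).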

Vendor patches:

Caldera
-------
Caldera has released a security advisory (CSSA-2002-004.0) and corresponding patches for this issue:
CSSA-2002-004.0: Linux - Various security problems in ucd-snmp
Link: http://www.caldera.com/support/security/advisories/CSSA-2002-004.0.txt

Patch downloads:

OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS

OpenLinux 3.1 Server
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

OpenLinux 3.1 Workstation
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

OpenLinux 3.1.1 Server
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

OpenLinux 3.1.1 Workstation
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

The patches can be installed with the following command:
rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm \
    ucd-snmp-devel-4.2.1-17.i386.rpm \
    ucd-snmp-tkmib-4.2.1-17.i386.rpm \
    ucd-snmp-utils-4.2.1-17.i386.rpm

Debian
------
Debian has released a security advisory (DSA-111-1) and corresponding patches for this issue:
DSA-111-1: DSA-111-1 ucd-snmp -- remote exploit
Link: http://www.debian.org/security/2002/dsa-111

Patch downloads:
Debian GNU/Linux 2.2 (potato)
Source:
http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1-2.2.diff.gz

http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1-2.2.dsc

http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1.orig.tar.gz

Alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1-dev_4.1.1-2.2_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1_4.1.1-2.2_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/snmp_4.1.1-2.2_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/snmpd_4.1.1-2.2_alpha.deb

ARM:
http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1-dev_4.1.1-2.2_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1_4.1.1-2.2_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/snmp_4.1.1-2.2_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/snmpd_4.1.1-2.2_arm.deb

Intel IA-32:
http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1-dev_4.1.1-2.2_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1_4.1.1-2.2_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/snmp_4.1.1-2.2_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/snmpd_4.1.1-2.2_i386.deb

Motorola 680x0:
http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1-dev_4.1.1-2.2_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1_4.1.1-2.2_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/snmp_4.1.1-2.2_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/snmpd_4.1.1-2.2_m68k.deb

Sun Sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1-dev_4.1.1-2.2_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1_4.1.1-2.2_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/snmp_4.1.1-2.2_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/snmpd_4.1.1-2.2_sparc.deb

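Patch installation:

1. Installing the patch packages manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Installing the patch packages automatically with apt-get:

   First, update the internal package database with the following command:
   # apt-get update
   
   Then install the updated packages with the following command:
   # apt-get upgrade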

FreeBSD
-------
FreeBSD has released a security advisory (FreeBSD-SA-02:11) and corresponding patches for this issue:
FreeBSD-SA-02:11: ucd-snmp/net-snmp remotely exploitable vulnerabilities
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:11.snmp.asc

Patch download:
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/ucd-snmp-4.2.3.tgz

The patch can be installed with the following command:
pkg_add ucd-snmp-4.2.3.tgz

MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2002:014) and corresponding patches for this issue:
MDKSA-2002:014: ucd-snmp
Link: http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-014.php3

Patch downloads:

Linux-Mandrake 7.1:
93fd86af6221a6e97a2658c947dfec2a  7.1/RPMS/ucd-snmp-4.2.3-1.3mdk.i586.rpm
2255943a33d17b485d76841ea441ec7c  7.1/RPMS/ucd-snmp-devel-4.2.3-1.3mdk.i586.rpm
d04c6712ea9e519ffc8209bdf94ce34a  7.1/RPMS/ucd-snmp-utils-4.2.3-1.3mdk.i586.rpm
5eaba54efd8006ee6467454c7b27db39  7.1/SRPMS/ucd-snmp-4.2.3-1.3mdk.src.rpm

Linux-Mandrake 7.2:
ded61d25c1172daf46808b6dc5992a0d  7.2/RPMS/ucd-snmp-4.2.3-1.2mdk.i586.rpm
f84e3bb953c60976516006aeacbbecb1  7.2/RPMS/ucd-snmp-devel-4.2.3-1.2mdk.i586.rpm
489abc125f1f09f96b4216227c9780e4  7.2/RPMS/ucd-snmp-utils-4.2.3-1.2mdk.i586.rpm
62f371ebe47a178f22eea04a46be0133  7.2/SRPMS/ucd-snmp-4.2.3-1.2mdk.src.rpm

Mandrake Linux 8.0:
68490a0a6f320bff263bf02b5937f636  8.0/RPMS/ucd-snmp-4.2.3-1.2mdk.i586.rpm
c039d6a1b14b4d9432dc54772e737e12  8.0/RPMS/ucd-snmp-devel-4.2.3-1.2mdk.i586.rpm
b9bcde5c175bb0f60dd273f73b2451a8  8.0/RPMS/ucd-snmp-utils-4.2.3-1.2mdk.i586.rpm
62f371ebe47a178f22eea04a46be0133  8.0/SRPMS/ucd-snmp-4.2.3-1.2mdk.src.rpm

Mandrake Linux 8.0/ppc:
625d72836471bb720d2059534d380c9b  ppc/8.0/RPMS/ucd-snmp-4.2.3-1.2mdk.ppc.rpm
fe87c68ae55733562664337808b8cdb9  ppc/8.0/RPMS/ucd-snmp-devel-4.2.3-1.2mdk.ppc.rpm
0dbf1a4fb395b7fee70f5a320fc6a512  ppc/8.0/RPMS/ucd-snmp-utils-4.2.3-1.2mdk.ppc.rpm
62f371ebe47a178f22eea04a46be0133  ppc/8.0/SRPMS/ucd-snmp-4.2.3-1.2mdk.src.rpm

Mandrake Linux 8.1:
f35c85a83c83019da401f960a17820a7  8.1/RPMS/libsnmp0-4.2.3-1.1mdk.i586.rpm
ec1674b1a01486383218fec8d3bdeaa2  8.1/RPMS/libsnmp0-devel-4.2.3-1.1mdk.i586.rpm
c1bbbce3d1edeb366af8207476f8bba4  8.1/RPMS/ucd-snmp-4.2.3-1.1mdk.i586.rpm
ec1118634eb28a4f78a37c7dcbb4b122  8.1/RPMS/ucd-snmp-utils-4.2.3-1.1mdk.i586.rpm
cb2439511ce05728a37e37c62be6f7ac  8.1/SRPMS/ucd-snmp-4.2.3-1.1mdk.src.rpm

Mandrake Linux 8.1/ia64:
e75d7c90d2fb756c7deb414e68f05764  ia64/8.1/RPMS/libsnmp0-4.2.3-1.1mdk.ia64.rpm
c8d97181c3a24131068567005ddcc3ac  ia64/8.1/RPMS/libsnmp0-devel-4.2.3-1.1mdk.ia64.rpm
4379db079554d1db0b3045c31799a9a0  ia64/8.1/RPMS/ucd-snmp-4.2.3-1.1mdk.ia64.rpm
80530a228d794dc938053fbdaa8541fb  ia64/8.1/RPMS/ucd-snmp-utils-4.2.3-1.1mdk.ia64.rpm
cb2439511ce05728a37e37c62be6f7ac  ia64/8.1/SRPMS/ucd-snmp-4.2.3-1.1mdk.src.rpm

Corporate Server 1.0.1:
93fd86af6221a6e97a2658c947dfec2a  1.0.1/RPMS/ucd-snmp-4.2.3-1.3mdk.i586.rpm
2255943a33d17b485d76841ea441ec7c  1.0.1/RPMS/ucd-snmp-devel-4.2.3-1.3mdk.i586.rpm
d04c6712ea9e519ffc8209bdf94ce34a  1.0.1/RPMS/ucd-snmp-utils-4.2.3-1.3mdk.i586.rpm
5eaba54efd8006ee6467454c7b27db39  1.0.1/SRPMS/ucd-snmp-4.2.3-1.3mdk.src.rpm

Single Network Firewall 7.2:
ded61d25c1172daf46808b6dc5992a0d  snf7.2/RPMS/ucd-snmp-4.2.3-1.2mdk.i586.rpm
489abc125f1f09f96b4216227c9780e4  snf7.2/RPMS/ucd-snmp-utils-4.2.3-1.2mdk.i586.rpm
62f371ebe47a178f22eea04a46be0133  snf7.2/SRPMS/ucd-snmp-4.2.3-1.2mdk.src.rpm

The patches can be installed with the following command:
rpm -Fvh *.rpm

RedHat
------
RedHat has released a security advisory (RHSA-2001:163-20) and corresponding patches for this issue:
RHSA-2001:163-20: Updated ucd-snmp packages available
Link: https://www.redhat.com/support/errata/RHSA-2001-163.html

Patch downloads:
Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/ucd-snmp-4.2.3-1.6.x.3.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-4.2.3-1.6.x.3.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-utils-4.2.3-1.6.x.3.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/ucd-snmp-devel-4.2.3-1.6.x.3.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-4.2.3-1.6.x.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/ucd-snmp-devel-4.2.3-1.6.x.3.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-4.2.3-1.6.x.3.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-utils-4.2.3-1.6.x.3.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/ucd-snmp-devel-4.2.3-1.6.x.3.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/ucd-snmp-4.2.3-1.7.0.3.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-4.2.3-1.7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-utils-4.2.3-1.7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/ucd-snmp-devel-4.2.3-1.7.0.3.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-4.2.3-1.7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-utils-4.2.3-1.7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/ucd-snmp-devel-4.2.3-1.7.0.3.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/ucd-snmp-4.2.3-1.7.1.3.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-4.2.3-1.7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-utils-4.2.3-1.7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/ucd-snmp-devel-4.2.3-1.7.1.3.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-4.2.3-1.7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-utils-4.2.3-1.7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/ucd-snmp-devel-4.2.3-1.7.1.3.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-4.2.3-1.7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-utils-4.2.3-1.7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/ucd-snmp-devel-4.2.3-1.7.1.3.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/ucd-snmp-4.2.3-1.7.2.3.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/ethereal-0.8.18-10.7.2.1.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-utils-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ucd-snmp-devel-4.2.3-1.7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-0.8.18-10.7.2.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/ethereal-gnome-0.8.18-10.7.2.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-utils-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ucd-snmp-devel-4.2.3-1.7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-0.8.18-10.7.2.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/ethereal-gnome-0.8.18-10.7.2.1.ia64.rpm

The patches can be installed with the following command:
rpm -Fvh [filename]



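This security vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.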