发布日期:2010-01-27
更新日期:2010-02-01受影响系统:
ircd-ratbox ircd-ratbox 2.x
不受影响系统:
ircd-ratbox ircd-ratbox 2.2.9
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 37979
CVE ID: CVE-2010-0300ircd-ratbox是全功能的ircd服务程序。远程攻击者可以通过向ratbox IRC服务器发送特制的HELP命令触发空指针引用,导致服务崩溃。<*来源:Aaron Sethman (androsyn@ratbox.org)
链接:http://secunia.com/advisories/38210/
http://lists.ratbox.org/pipermail/ircd-ratbox/2010-January/000891.html
http://www.debian.org/security/2010/dsa-1980
*>建议:
--------------------------------------------------------------------------------
厂商补丁:Debian
------
Debian已经为此发布了一个安全公告(DSA-1980-1)以及相应补丁:
DSA-1980-1:integer underflow/denial of service
链接:http://www.debian.org/security/2010/dsa-1980补丁下载:Source archives:http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.dsc
Size/MD5 checksum: 1139 a48d912892925013b37fb773841d6710
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2.orig.tar.gz
Size/MD5 checksum: 756749 75896381ea6330aea860b35fff3c34bb
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.diff.gz
Size/MD5 checksum: 115007 a8d23129d0675ff779e5e315f8632a6b
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.diff.gz
Size/MD5 checksum: 18289 04a221b2b8dfd0654778a6608c7cb66b
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1.dsc
Size/MD5 checksum: 1230 f79125aafcc5d9fcbd09bedadd69fce7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg.orig.tar.gz
Size/MD5 checksum: 673439 0eb7d1430a997a37af03f8b2f9eed4bbArchitecture independent packages:http://security.debian.org/pool/updates/main/i/ircd-hybrid/hybrid-dev_7.2.2.dfsg.2-4+lenny1_all.deb
Size/MD5 checksum: 65708 85dba185f2fdd9e7b3c423ae8722cc2falpha architecture (DEC Alpha)http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_alpha.deb
Size/MD5 checksum: 568252 35a559f24895dab0fbe71f6af3a8c0b1
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_alpha.deb
Size/MD5 checksum: 929788 583d32d5afc9747d824499183d4a5761
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_alpha.deb
Size/MD5 checksum: 660008 1a2bca514133dbc27f91bca69ed2122eamd64 architecture (AMD x86_64 (AMD64))http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_amd64.deb
Size/MD5 checksum: 937710 2867b5535578c017699418acab7565b7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_amd64.deb
Size/MD5 checksum: 542006 52ca320cdd28849bd65065c921f03623
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_amd64.deb
Size/MD5 checksum: 634416 d320f0d1b77cb08cb0caa9c9644d13aaarm architecture (ARM)http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_arm.deb
Size/MD5 checksum: 589350 451a5bcf2b4b8f40e39128be3fdc479darmel architecture (ARM EABI)http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_armel.deb
Size/MD5 checksum: 894654 4daf0784d8865e75c378630d7cf2d870
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_armel.deb
Size/MD5 checksum: 595420 bf40953d00dbccd069b1596b6c84eadc
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_armel.deb
Size/MD5 checksum: 504238 785107a5a9fa3dcd88f2a12916d47092hppa architecture (HP PA RISC)http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_hppa.deb
Size/MD5 checksum: 908902 8e1ebf2baf27a71f008eba792cdd87d7
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_hppa.deb
Size/MD5 checksum: 647938 c67f473e9b4ae77a5578359c76ff5e75
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_hppa.deb
Size/MD5 checksum: 554656 00af4d733f43a8404b2e62718a4bd341i386 architecture (Intel ia32)http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_i386.deb
Size/MD5 checksum: 591346 7a9ccd0273005c654f5e78d6ba9d29d6
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_i386.deb
Size/MD5 checksum: 891002 796bbd22c352ec873c9705e560492dbe
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_i386.deb
Size/MD5 checksum: 499796 24e0d7b1284b3d7c3688366e9a8c493eia64 architecture (Intel ia64)http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_ia64.deb
Size/MD5 checksum: 783482 28568b727f452ef622cb8939618dde23
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_ia64.deb
Size/MD5 checksum: 685370 17507ab3172ad5e1fd88ea05c70f68c4
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_ia64.deb
Size/MD5 checksum: 906848 4561656a5c033c9b647f146a13e79322mips architecture (MIPS (Big Endian))http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mips.deb
Size/MD5 checksum: 506502 854cd9c98a5eaf38e3f815fd79d20c9a
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mips.deb
Size/MD5 checksum: 918546 5307013e962c38b405db7507e251a31d
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mips.deb
Size/MD5 checksum: 601610 9fc6640bb08a3af295589b72f6667087mipsel architecture (MIPS (Little Endian))http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_mipsel.deb
Size/MD5 checksum: 912794 6024ad0383d9696c727203a0af740630
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_mipsel.deb
Size/MD5 checksum: 504864 ac200b212ed5ed69095b90bba53558f3
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_mipsel.deb
Size/MD5 checksum: 599656 f32d222728582a36d1a75494d87340afpowerpc architecture (PowerPC)http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_powerpc.deb
Size/MD5 checksum: 732146 445dc7f28c92455ed3293b9b6b795020
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_powerpc.deb
Size/MD5 checksum: 1001328 bca90faf524223bb06bb47774ee7d147
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_powerpc.deb
Size/MD5 checksum: 639750 282ee75ee6b2e2fefcda221fb930bc6bs390 architecture (IBM S/390)http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_s390.deb
Size/MD5 checksum: 905196 cc484c7b4f807227ff75af729504ca0c
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_s390.deb
Size/MD5 checksum: 537006 3c24b451ae8fdd846d982982fa652535
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_s390.deb
Size/MD5 checksum: 616620 d9bba18dc19104a06d57403bf93e64a6sparc architecture (Sun SPARC/UltraSPARC)http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox-dbg_2.2.8.dfsg-2+lenny1_sparc.deb
Size/MD5 checksum: 843350 99cd0379e8623f3265bbba3eb8578e86
http://security.debian.org/pool/updates/main/i/ircd-hybrid/ircd-hybrid_7.2.2.dfsg.2-4+lenny1_sparc.deb
Size/MD5 checksum: 586408 87cbcdd0fadac9c2d17c71cb5df907f7
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1_sparc.deb
Size/MD5 checksum: 498376 a117209c1ed8b9104bee8a154d390fd0补丁安装方法:1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgradeircd-ratbox
-----------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:http://www.ircd-ratbox.org/download/ircd-ratbox-2.2.9.tar.bz2IBM DB2 kuddb2服务远程拒绝服务漏洞Linux Kernel 64位Personality处理本地拒绝服务漏洞相关资讯 漏洞
- 快递官网漏洞泄露 1400 万用户信息 (08/12/2014 08:37:42)
- 要389目录服务器访问绕过漏洞 (10/01/2012 09:18:08)
- ASUS Net4Switch "ipswcom.dll" (03/02/2012 09:32:42)
| - 软件漏洞是一笔大买卖! (10/06/2012 08:28:32)
- PHPCMS V9.1.13任意文件包含漏洞分 (08/01/2012 07:23:17)
- Open Handset Alliance Android (03/01/2012 06:59:34)
|
本文评论 查看全部评论 (0)
评论声明- 尊重网上道德,遵守中华人民共和国的各项有关法律法规
- 承担一切因您的行为而直接或间接导致的民事或刑事法律责任
- 本站管理人员有权保留或删除其管辖留言中的任意内容
- 本站有权在网站内转载或引用您的评论
- 参与本评论即表明您已经阅读并接受上述条款
|
|
易网时代-编程资源站