|
信息提供: |
安全公告(或线索)提供热线:51cto.editor@gmail.com |
|
漏洞类别: |
溢出错误 |
|
攻击类型: |
嵌入恶意代码 |
|
发布日期: |
2003-02-20 |
|
更新日期: |
2003-02-28 |
|
受影响系统: |
Cisco IOS 12.0.7(T) Cisco IOS 12.0.4T Cisco IOS 12.0.4S Cisco IOS 12.0.3T2 Cisco IOS 12.0.2XG Cisco IOS 12.0.2XF Cisco IOS 12.0.2XD Cisco IOS 12.0.2XC Cisco IOS 12.0.2 Cisco IOS 12.0.1XE Cisco IOS 12.0.1XB Cisco IOS 12.0.1XA3 Cisco IOS 12.0.1W Cisco IOS 12.0.1 Cisco IOS 12.0(9)S Cisco IOS 12.0(8.3)SC Cisco IOS 12.0(8.0.2)S Cisco IOS 12.0(8) Cisco IOS 12.0(7.4)S Cisco IOS 12.0(7)XK Cisco IOS 12.0(7)T Cisco IOS 12.0(7)SC Cisco IOS 12.0(7)S1 Cisco IOS 12.0(5.1)XP Cisco IOS 12.0(5)XK Cisco IOS 12.0(5)T1 Cisco IOS 12.0(5)T Cisco IOS 12.0(18)S Cisco IOS 12.0(17)S Cisco IOS 12.0(17) Cisco IOS 12.0(16.06)S Cisco IOS 12.0(16)W5(21) Cisco IOS 12.0(15)S3 Cisco IOS 12.0(14)W5(20) Cisco IOS 12.0(14)ST Cisco IOS 12.0(13)W5(19c) Cisco IOS 12.0(10)W5(18g) Cisco IOS 12.0(10)W5 Cisco IOS 12.0 (3) Cisco IOS 12.0 (19) Cisco IOS 12.0 Cisco IOS 11.3XA Cisco IOS 11.3WA4 Cisco IOS 11.3T Cisco IOS 11.3NA Cisco IOS 11.3MA Cisco IOS 11.3HA Cisco IOS 11.3DB Cisco IOS 11.3DA Cisco IOS 11.3AA Cisco IOS 11.3.1T Cisco IOS 11.3.1ED Cisco IOS 11.3.11b Cisco IOS 11.2.9XA Cisco IOS 11.2.9P Cisco IOS 11.2.8SA5 Cisco IOS 11.2.8SA3 Cisco IOS 11.2.8SA1 Cisco IOS 11.2.8P Cisco IOS 11.2.4F1 Cisco IOS 11.2.4F Cisco IOS 11.2.10BC Cisco IOS 11.2(9)XA Cisco IOS 11.2(4)XAf Cisco IOS 11.2(4)XA Cisco IOS 11.2(4) Cisco IOS 11.2(19)GS0.2 Cisco IOS 11.2(17) Cisco IOS 11.2 (26a) Cisco IOS 11.2 Cisco IOS 11.1IA Cisco IOS 11.1CT Cisco IOS 11.1CC Cisco IOS 11.1CA Cisco IOS 11.1AA Cisco IOS 11.1.9IA Cisco IOS 11.1.7CA Cisco IOS 11.1.7AA Cisco IOS 11.1.17CT Cisco IOS 11.1.17CC Cisco IOS 11.1.16IA Cisco IOS 11.1.16AA Cisco IOS 11.1.16 Cisco IOS 11.1.15IA Cisco IOS 11.1.15CA Cisco IOS 11.1.15AA Cisco IOS 11.1.15 Cisco IOS 11.1.13IA Cisco IOS 11.1.13CA Cisco IOS 11.1.13AA Cisco IOS 11.1.13 Cisco IOS 11.1(36)CC2 Cisco IOS 11.1 (24a) Cisco IOS 11.1 |
|
安全系统: |
Cisco IOS 12.1 (1)T |
|
漏洞报告人: |
FX (fx@phenoelit.de) |
|
漏洞描述: |
BUGTRAQ ID: 6895 CVE(CAN) ID: CVE-2003-0100 Internet Operating System (IOS)是一款使用于CISCO路由器上的操作系统。 CISCO IOS在处理畸形OSPF包时存在缓冲区溢出,远程攻击者可以利用这个漏洞可能在设备上执行恶意指令及进行恶意拒绝服务攻击。 部分Cisco IOS版本中包含的OSPF实现在一个接口上接收到超过255个OSPF邻居的通告时,会发生IO内存结构破坏,FX of Phenoelit研究提供了利用这个漏洞在路由器上执行恶意代码及的程序。 Cisco Bug CSCdp58462对此漏洞进行了详细描述。 |
|
测试方法: |
无 |
|
解决方法: |
临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: * 在路由器上配置使用OSPF MD5验证。 * 设置正确的访问控制允许部分OSPF邻居访问: access-list 100 permit ospf host a.b.c.x host 224.0.0.5 access-list 100 permit ospf host a.b.c.x host interface_ip access-list 100 permit ospf host a.b.c.y host 224.0.0.5 access-list 100 permit ospf host a.b.c.y host interface_ip access-list 100 permit ospf host a.b.c.z host 224.0.0.5 access-list 100 permit ospf host a.b.c.z host interface_ip access-list 100 permit ospf any host 224.0.0.6 access-list 100 deny ospf any any access-list 100 permit ip any any 厂商补丁: Cisco ----- Cisco IOS版本11.1 - 12.0存在此漏洞,Cisco在如下IOS版本中已经修补此漏洞: 12.0(19)S 12.0(19)ST 12.1(1) 12.1(1)DB 12.1(1)DC 12.1(1)T 及之后的版本。 http://www.cisco.com/warp/public/707/advisory.html |
更多内容请看PCdog.com--Cisco IOS技术手册 Cisco交换机 Cisco路由器配置手册专题
