漏洞信息详情
Wireshark 分析器IPMI 缓冲溢出和拒绝服务攻击漏洞
- CNNVD编号:CNNVD-200907-310
- 危害等级: 中危
- CVE编号: CVE-2009-2559
- 漏洞类型: 缓冲区溢出
- 发布时间: 2009-07-21
- 威胁类型: 远程
- 更新时间: 2009-07-21
- 厂 商: wireshark
- 漏洞来源: Wireshark http://w...
漏洞简介
Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。
Wireshark的IPMI协议解析器中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的报文或读取了恶意抓包文件的话,就会导致解析模块崩溃。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Debian Linux 5.0 ia-64
Debian tshark_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_ia64.deb
Debian wireshark-common_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_ia64.deb
Debian wireshark-dev_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_ia64.deb
Debian wireshark_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_ia64.deb
Debian Linux 5.0 alpha
Debian tshark_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_alpha.deb
Debian wireshark-common_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_alpha.deb
Debian wireshark-dev_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_alpha.deb
Debian wireshark_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_alpha.deb
Debian Linux 5.0 mipsel
Debian tshark_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_mipsel.deb
Debian wireshark-common_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_mipsel.deb
Debian wireshark-dev_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_mipsel.deb
Debian wireshark_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_mipsel.deb
Debian Linux 4.0 amd64
Debian ethereal-common_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-comm on_0.99.4-5.etch.4_amd64.deb
Debian ethereal-dev_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_ 0.99.4-5.etch.4_amd64.deb
Debian ethereal_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99 .4-5.etch.4_amd64.deb
Debian tethereal_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.9 9.4-5.etch.4_amd64.deb
Debian tshark_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4 -5.etch.4_amd64.deb
Debian wireshark-common_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_0.99.4-5.etch.4_amd64.deb
Debian wireshark-dev_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _0.99.4-5.etch.4_amd64.deb
Debian wireshark_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.9 9.4-5.etch.4_amd64.deb
Debian Linux 4.0 ia-32
Debian ethereal-common_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-comm on_0.99.4-5.etch.4_i386.deb
Debian ethereal-dev_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_ 0.99.4-5.etch.4_i386.deb
Debian ethereal_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99 .4-5.etch.4_i386.deb
Debian tethereal_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.9 9.4-5.etch.4_i386.deb
Debian tshark_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4 -5.etch.4_i386.deb
Debian wireshark-common_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_0.99.4-5.etch.4_i386.deb
Debian wireshark-dev_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _0.99.4-5.etch.4_i386.deb
Debian wireshark_0.99.4-5.etch.4_i386.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshar
参考网址
来源: www.wireshark.org
链接:http://www.wireshark.org/security/wnpa-sec-2009-04.HTML
来源: VUPEN
名称: ADV-2009-1970
链接:http://www.vupen.com/english/advisories/2009/1970
来源: BID
名称: 35748
链接:http://www.securityfocus.com/bid/35748
来源: SECUNIA
名称: 35884
链接:http://secunia.com/advisories/35884
受影响实体
- Wireshark Wireshark:1.2.0
补丁
暂无
评论