漏洞信息详情
Wireshark IPMI解析器拒绝服务漏洞
- CNNVD编号:CNNVD-200912-299
- 危害等级: 中危
- CVE编号: CVE-2009-4378
- 漏洞类型: 其他
- 发布时间: 2009-12-21
- 威胁类型: 远程
- 更新时间: 2009-12-22
- 厂 商: wireshark
- 漏洞来源: Buildbot Builder※ ...
漏洞简介
Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。
Wireshark的IPMI解析器存在拒绝服务漏洞.如果用户受骗从网络抓取了恶意的报文或读取了恶意抓包文件的话,就会导致解析模块崩溃或执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Sun Solaris 8
Sun 112390-11
http://sunsolve.sun.com/search/document.do?assetkey=1-21-112390-11-1
Sun Solaris 10
Sun 120469-02
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120469-02-1
Sun Solaris 10.0_x86
Sun 120470-02
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120470-02-1
Sun Solaris 9
Sun 112908-20
http://sunsolve.sun.com/search/document.do?assetkey=1-21-112908-20-1
Sun Solaris 9_x86
Sun 115168-08
http://sunsolve.sun.com/search/document.do?assetkey=1-21-115168-08-1
Sun Solaris 8_x86
Sun 112240-10
http://sunsolve.sun.com/search/document.do?assetkey=1-21-112240-10-1
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X 10.4.2
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple SecUpd2005-007Ti.dmg
http://wsidecar.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/cgi-bin/nph-reg3rdpty1.pl/product=07794&plat form=osx&method=sa/SecUpd2005-007Ti.dmg
MIT Kerberos 5 5.0 -1.4.1
MIT 2005-002-patch_1.4.1.txt.asc
http://web.mit.edu/kerberos/advisories/2005-002-patch_1.4.1.txt.asc
RedHat krb5-debuginfo-1.4.1-5.i386.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-debuginfo-1.4.1-5.ppc.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-debuginfo-1.4.1-5.x86_64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-devel-1.4.1-5.i386.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-devel-1.4.1-5.ppc.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-devel-1.4.1-5.x86_64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-libs-1.4.1-5.i386.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-libs-1.4.1-5.ppc.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-libs-1.4.1-5.ppc64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-libs-1.4.1-5.x86_64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-server-1.4.1-5.i386.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-server-1.4.1-5.ppc.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-server-1.4.1-5.x86_64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-workstation-1.4.1-5.i386.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-workstation-1.4.1-5.ppc.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
RedHat krb5-workstation-1.4.1-5.x86_64.rpm
RedHat Fedora Core 4
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
参考网址
来源: VUPEN
名称: ADV-2009-3596
链接:http://www.vupen.com/english/advisories/2009/3596
来源: FEDORA
名称: FEDORA-2009-13592
链接:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.HTML
来源: bugs.wireshark.org
链接:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4301
来源: www.wireshark.org
链接:http://www.wireshark.org/security/wnpa-sec-2009-09.HTML
来源: SECTRACK
名称: 1023374
链接:http://www.securitytracker.com/id?1023374
来源: BID
名称: 37407
链接:http://www.securityfocus.com/bid/37407
来源: SECUNIA
名称: 37842
链接:http://secunia.com/advisories/37842
来源: OSVDB
名称: 61179
链接:http://osvdb.org/61179
受影响实体
- Wireshark Wireshark:1.2.4
- Wireshark Wireshark:1.2.3
- Wireshark Wireshark:1.2.1
- Wireshark Wireshark:1.2.2
- Wireshark Wireshark:1.2.0
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论