Cisco IOS OSPF远程缓冲区溢出漏洞

2019-11-05 01:04:39

字体：大中小

来源：转载

供稿：网友

信息提供：

安全公告（或线索）提供热线：51cto.editor@Gmail.com

漏洞类别：

溢出错误

攻击类型：

嵌入恶意代码

发布日期：

2003-02-20

更新日期：

2003-02-28

受影响系统：

Cisco IOS 12.0.7(T)

Cisco IOS 12.0.4T

Cisco IOS 12.0.4S

Cisco IOS 12.0.3T2

Cisco IOS 12.0.2XG

Cisco IOS 12.0.2XF

Cisco IOS 12.0.2XD

Cisco IOS 12.0.2XC

Cisco IOS 12.0.2

Cisco IOS 12.0.1XE

Cisco IOS 12.0.1XB

Cisco IOS 12.0.1XA3

Cisco IOS 12.0.1W

Cisco IOS 12.0.1

Cisco IOS 12.0(9)S

Cisco IOS 12.0(8.3)SC

Cisco IOS 12.0(8.0.2)S

Cisco IOS 12.0(8)

Cisco IOS 12.0(7.4)S

Cisco IOS 12.0(7)XK

Cisco IOS 12.0(7)T

Cisco IOS 12.0(7)SC

Cisco IOS 12.0(7)S1

Cisco IOS 12.0(5.1)XP

Cisco IOS 12.0(5)XK

Cisco IOS 12.0(5)T1

Cisco IOS 12.0(5)T

Cisco IOS 12.0(18)S

Cisco IOS 12.0(17)S

Cisco IOS 12.0(17)

Cisco IOS 12.0(16.06)S

Cisco IOS 12.0(16)W5(21)

Cisco IOS 12.0(15)S3

Cisco IOS 12.0(14)W5(20)

Cisco IOS 12.0(14)ST

Cisco IOS 12.0(13)W5(19c)

Cisco IOS 12.0(10)W5(18g)

Cisco IOS 12.0(10)W5

Cisco IOS 12.0 (3)

Cisco IOS 12.0 (19)

Cisco IOS 12.0

Cisco IOS 11.3XA

Cisco IOS 11.3WA4

Cisco IOS 11.3T

Cisco IOS 11.3NA

Cisco IOS 11.3MA

Cisco IOS 11.3HA

Cisco IOS 11.3DB

Cisco IOS 11.3DA

Cisco IOS 11.3AA

Cisco IOS 11.3.1T

Cisco IOS 11.3.1ED

Cisco IOS 11.3.11b

Cisco IOS 11.2.9XA

Cisco IOS 11.2.9P

Cisco IOS 11.2.8SA5

Cisco IOS 11.2.8SA3

Cisco IOS 11.2.8SA1

Cisco IOS 11.2.8P

Cisco IOS 11.2.4F1

Cisco IOS 11.2.4F

Cisco IOS 11.2.10BC

Cisco IOS 11.2(9)XA

Cisco IOS 11.2(4)XAf

Cisco IOS 11.2(4)XA

Cisco IOS 11.2(4)

Cisco IOS 11.2(19)GS0.2

Cisco IOS 11.2(17)

Cisco IOS 11.2 (26a)

Cisco IOS 11.2

Cisco IOS 11.1IA

Cisco IOS 11.1CT

Cisco IOS 11.1CC

Cisco IOS 11.1CA

Cisco IOS 11.1AA

Cisco IOS 11.1.9IA

Cisco IOS 11.1.7CA

Cisco IOS 11.1.7AA

Cisco IOS 11.1.17CT

Cisco IOS 11.1.17CC

Cisco IOS 11.1.16IA

Cisco IOS 11.1.16AA

Cisco IOS 11.1.16

Cisco IOS 11.1.15IA

Cisco IOS 11.1.15CA

Cisco IOS 11.1.15AA

Cisco IOS 11.1.15

Cisco IOS 11.1.13IA

Cisco IOS 11.1.13CA

Cisco IOS 11.1.13AA

Cisco IOS 11.1.13

Cisco IOS 11.1(36)CC2

Cisco IOS 11.1 (24a)

Cisco IOS 11.1

安全系统：

Cisco IOS 12.1 (1)T

Cisco IOS 12.1 (1)DC

Cisco IOS 12.1 (1)DB

Cisco IOS 12.1 (1)

Cisco IOS 12.0 (19)ST

Cisco IOS 12.0 (19)S

漏洞报告人：

FX （fx@phenoelit.de）

漏洞描述：

BUGTRAQ ID: 6895

CVE(CAN) ID: CVE-2003-0100

Internet Operating System (IOS)是一款使用于CISCO路由器上的操作系统。

CISCO IOS在处理畸形OSPF包时存在缓冲区溢出，远程攻击者可以利用这个漏洞可能在设备上执行恶意指令及进行恶意拒绝服务攻击。

部分Cisco IOS版本中包含的OSPF实现在一个接口上接收到超过255个OSPF邻居的通告时，会发生IO内存结构破坏，FX of Phenoelit研究提供了利用这个漏洞在路由器上执行恶意代码及的程序。

Cisco Bug CSCdp58462对此漏洞进行了具体描述。

测试方法：

无

解决方法：

临时解决方法：

假如您不能马上安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：

* 在路由器上配置使用OSPF md5验证。

* 设置正确的访问控制答应部分OSPF邻居访问：

access-list 100 permit ospf host a.b.c.x host 224.0.0.5

access-list 100 permit ospf host a.b.c.x host interface_ip

access-list 100 permit ospf host a.b.c.y host 224.0.0.5

access-list 100 permit ospf host a.b.c.y host interface_ip

access-list 100 permit ospf host a.b.c.z host 224.0.0.5

access-list 100 permit ospf host a.b.c.z host interface_ip

access-list 100 permit ospf any host 224.0.0.6

access-list 100 deny ospf any any

access-list 100 permit ip any any

厂商补丁：

Cisco

-----

Cisco IOS版本11.1 - 12.0存在此漏洞，Cisco在如下IOS版本中已经修补此漏洞：

12.0(19)S

12.0(19)ST

12.1(1)

12.1(1)DB

12.1(1)DC

12.1(1)T

及之后的版本。

http://www.cisco.com/warp/public/707/advisory.Html

上一篇：Cisco IOS Service Assurance Agent畸形包远程拒绝服务攻击漏洞

下一篇：Cisco IOS OSPF路由表破坏漏洞