Cisco IOS畸形OSPF包 存在远程拒绝服务漏洞
Cisco IOS是运行于很多Cisco设备操作系统。Cisco IOS处理畸形OSPF包时存在问题,远程攻击者可以利用这个漏洞使设备重载,产生拒绝服务。<br><br> OSPF是RFC 2328定义的路由协议,设计用于管理AS内的IP路由。部分CISCO IOS在处理OSPF包时存在一个漏洞,可导致系统重载。要成功利用此漏洞攻击者必须知道配置在接口上的几个参数,如OSPF Area号码、Netmask、hello和dead timers。<br><br> 受影响系统:<br><br> Cisco IOS 12.3 (5)B1<br><br> Cisco IOS 12.3 (4)XQ<br><br> Cisco IOS 12.3 (4)XK<br><br> Cisco IOS 12.3 (4)XH<br><br> Cisco IOS 12.3 (4)XG1<br><br> Cisco IOS 12.3 (4)XD2<br><br> Cisco IOS 12.3 (4)T4<br><br> Cisco IOS 12.3 (4)EO1<br><br> Cisco IOS 12.3 (2)XC3<br><br> Cisco IOS 12.2 (21)<br><br> Cisco IOS 12.2 (20)S1<br><br> Cisco IOS 12.2 (20)S<br><br> Cisco IOS 12.0SX<br><br> Cisco IOS 12.0S<br><br> 不受影响系统:<br><br> Cisco IOS 11.3XA<br><br> Cisco IOS 11.3WA4<br><br> Cisco IOS 11.3T<br><br> Cisco IOS 11.3NA<br><br> Cisco IOS 11.3MA<br><br> Cisco IOS 11.3HA<br><br> Cisco IOS 11.3DB<br><br> Cisco IOS 11.3DA<br><br> Cisco IOS 11.3 AA<br><br> Cisco IOS 11.3.1T<br><br> Cisco IOS 11.3.1ED<br><br> Cisco IOS 11.3.11b<br><br> Cisco IOS 11.3.1<br><br> Cisco IOS 11.3(2)XA<br><br> Cisco IOS 11.3 (11b)<br><br> Cisco IOS 11.3<br><br> Cisco IOS 11.2WA3<br><br> Cisco IOS 11.2SA<br><br> Cisco IOS 11.2P<br><br> Cisco IOS 11.2GS<br><br> Cisco IOS 11.2F<br><br> Cisco IOS 11.2 BC<br><br> Cisco IOS 11.2.9XA<br><br> Cisco IOS 11.2.9P<br><br> Cisco IOS 11.2.8SA5<br><br> Cisco IOS 11.2.8SA3<br><br> Cisco IOS 11.2.8SA1<br><br> Cisco IOS 11.2.8P<br><br> Cisco IOS 11.2.8<br><br> Cisco IOS 11.2.4F1<br><br> Cisco IOS 11.2.4F<br><br> Cisco IOS 11.2.4<br><br> Cisco IOS 11.2.10BC<br><br> Cisco IOS 11.2.10<br><br> Cisco IOS 11.2(9)XA<br><br> Cisco IOS 11.2(4)XAf<br><br> Cisco IOS 11.2(4)XA<br><br> Cisco IOS 11.2(4)<br><br> Cisco IOS 11.2(19)GS0.2<br><br> Cisco IOS 11.2(17)<br><br> Cisco IOS 11.2(11)<br><br> Cisco IOS 11.2 (26a)<br><br> Cisco IOS 11.2<br><br> Cisco IOS 11.1IA<br><br> Cisco IOS 11.1 CT<br><br> Cisco IOS 11.1 CC<br><br> Cisco IOS 11.1 CA<br><br> Cisco IOS 11.1 AA<br><br> Cisco IOS 11.1.9IA<br><br> Cisco IOS 11.1.7CA<br><br> Cisco IOS 11.1.7AA<br><br> Cisco IOS 11.1.7<br><br> Cisco IOS 11.1.17CT<br><br> Cisco IOS 11.1.17CC<br><br> Cisco IOS 11.1.16IA<br><br> Cisco IOS 11.1.16AA<br><br> Cisco IOS 11.1.16<br><br> Cisco IOS 11.1.15IA<br><br> Cisco IOS 11.1.15 CA<br><br> Cisco IOS 11.1.15 AA<br><br> Cisco IOS 11.1.15<br><br> Cisco IOS 11.1.13IA<br><br> Cisco IOS 11.1.13 CA<br><br> Cisco IOS 11.1.13 AA<br><br> Cisco IOS 11.1.13<br><br> Cisco IOS 11.1(36)CC2<br><br> Cisco IOS 11.1 (24a)<br><br> Cisco IOS 11.1<br><br> Cisco IOS 11.0x<br><br> Cisco IOS 11.0.x<br><br> Cisco IOS 11.0.20.3<br><br> Cisco IOS 11.0.17BT<br><br> Cisco IOS 11.0.17<br><br> Cisco IOS 11.0.12(a)BT<br><br> Cisco IOS 11.0.12<br><br> Cisco IOS 11.0 (22a)<br><br> Cisco IOS 11.0 (18)<br><br> Cisco IOS 11.0<br><br> Cisco IOS 10.3.4.3<br><br> Cisco IOS 10.3.4.2<br><br> Cisco IOS 10.3.3.4<br><br> Cisco IOS 10.3.3.3<br><br> Cisco IOS 10.3.19a<br><br> Cisco IOS 10.3.16<br><br> Cisco IOS 10.3<br><br> 补丁下载:<br><br> Cisco已经为此发布了一个安全公告(cisco-sa-20040818-ospf)以及相应补丁:<br><br> cisco-sa-20040818-ospf:Cisco IOS Malformed OSPF Packet Causes Reload<br><br> 链接:http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml 好久没SBB入帐了,呵呵,灌水
页:
[1]