Ettercap \'dissector_dhcp()\'函数远程拒绝服务漏洞
发表日期:2014-12-08 14:51:00
Ettercap \'dissector_dhcp()\'函数远程拒绝服务漏洞
BugTraq-ID:71696
CVE-ID:CVE-2014-9376
发布日期:2014-12-16
更新日期:2014-12-17
受影响系统:
Ettercap Ettercap 8.0-8.1
详细信息:
Ettercap是一个Linux和BSD系统下的多用途数据包嗅探程序。
Ettercap 8.0版本的\'dissector_dhcp()\'存在负指数/下溢漏洞,攻击者可利用此漏洞使受影响应用崩溃或执行任意代码。
来源:
Nick Sampanis
参考信息:
http://www.securityfocus.com/archive/1/534248
解决办法:
厂商补丁:
Ettercap
--------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://github.com/NickSampanis/ettercap/commit/e3abe7d7585ecc420a7cab73
3132
16613aadad5a
https://github.com/NickSampanis/ettercap/commit/103f16582ee88341a6a61037
8011
781cdc866b0c
https://github.com/NickSampanis/ettercap/commit/3f0c582826095c722ab6fbf9
1518
282a765a0b68
https://github.com/NickSampanis/ettercap/commit/cb7b2028dc03c628aa0a1a51
30ca
41421ddebcb2
https://github.com/NickSampanis/ettercap/commit/edd337d5d4f37ab8e330c5e0
6734
4dd5b3f10435
https://github.com/NickSampanis/ettercap/commit/37dcfdf79e1ac6dcacd56589
4cd7
717aa0224164
https://github.com/NickSampanis/ettercap/commit/c2a3c99af956146570d7883e
4b54
0b9d0c0a3c46
https://github.com/NickSampanis/ettercap/commit/6b196e011fa456499ed4650a
3609
61a2f1323818
https://github.com/NickSampanis/ettercap/commit/31b937298c8067e6b0c3217c
95ed
ceb983dfc4a2
https://github.com/NickSampanis/ettercap/commit/9e9fdc7ed1ee8eba01a5a05e
000b
6c55d2a70923