honeyd,Honeyd远程虚拟主机检测漏洞

Honeyd远程虚拟主机检测漏洞 - 网络安全 - 电脑教程网

Honeyd远程虚拟主机检测漏洞

日期:2007-02-06   荐:
  漏洞信息  Honeyd是一款小型的守护程序, 可以在网络上创建虚拟主机。  Honeyd处理IP重组代码存在问题,远程攻击者可以利用漏洞检测虚拟主机。  成功的攻击可允许远程攻击者枚举Honeyd主机并对这些目标机器进行攻击。目前没有详细漏洞细节提供。  BUGTRAQ ID: 16595  CNCAN ID:CNCAN-2006021403  漏洞消息时间:2006-02-13  漏洞起因  设计错误  影响系统  Honeyd Honeyd 0.8  Honeyd Honeyd 0.7 a  Honeyd Honeyd 0.7  Honeyd Honeyd 0.6 a  Honeyd Honeyd 0.6  Honeyd Honeyd 0.5  Honeyd Honeyd 1.0  Honeyd Honeyd 0.8 b  Honeyd Honeyd 0.8 a  不受影响系统  Honeyd Honeyd 1.5  危害  远程攻击者可以利用漏洞检测虚拟主机。  攻击所需条件  攻击者必须访问Honeyd。  厂商解决方案  升级程序:  http://www.honeyd.org/adv.2006-01.patchhttp://www.honeyd.org/adv.2006-01.patch  Honeyd Honeyd 0.8 b   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 1.0   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.8 a   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.5   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.6 a   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.6   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.7 a   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.7   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  Honeyd Honeyd 0.8   * Honeyd Honeyd 1.5   http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz  漏洞提供者  Jon Oberheide.  漏洞消息链接  http://www.securityfocus.com/bid/16595  漏洞消息标题  Honeyd IP Reassembly Remote Virtual Host Detection Vulnerability

(出处:http://www.sheup.com)




标签: