Security Advisory Number: CNTA-2017-0068
Recently, the China National Vulnerability Database (CNVD) recorded multiple security vulnerabilities in Dnsmasq (CNVD-2017-29278, CNVD-2017-29277, CNVD-2017-29276, CNVD-2017-29275, CNVD-2017-29274, CNVD-2017-29273, CNVD-2017-29272). A remote attacker could execute arbitrary code on the target system, crash the service, or steal sensitive information from memory. The affected scope covers operating system distributions for servers and endpoints (including mobile endpoints) and related components, and the exploitation method has already been made public, so large-scale attacks are possible.
I. Vulnerability Analysis
Dnsmasq is widely used open-source software that provides DNS, DHCP, router advertisement and network boot services. For DNS, Dnsmasq caches DNS responses to speed up connections to previously visited hosts; for DHCP, it assigns internal IP addresses and provides routing to machines on a LAN. It is also widely used in smartphones and portable hotspots, and it supports virtual networks in virtualization frameworks. Supported platforms include Linux (with glibc and uClibc), Android, *BSD and Mac OS X. Dnsmasq is included in most Linux distributions and in the ports systems of FreeBSD, OpenBSD and NetBSD. It also provides full support for IPv6 networks.
Google security researchers recently found 7 high-risk vulnerabilities in Dnsmasq. Details of the vulnerabilities are as follows:
The vulnerabilities above can be triggered remotely over the DNS and DHCP protocols. Under specific conditions, an attacker who sends specially crafted request packets can cause remote code execution, information disclosure or denial of service. CNVD rates all of the above vulnerabilities as "high risk".
II. Scope of Impact
The scope of impact is very broad: it covers Linux and Android operating system distributions and multiple versions of the component itself, and it also reaches the firmware of some network and endpoint devices. Huawei, a CNVD user-group member organization, carried out a risk self-assessment of its products; among the HG8021H, HG8045A, HG8045A2, HG8245A and HG8247H routers it examined as possibly using the affected component, it confirmed that none are affected.
III. Remediation Recommendations
Dnsmasq 2.78 fixes these vulnerabilities; users can update from http://www.thekelleys.org.uk/dnsmasq/. If updating is not possible, the following temporary workarounds can be applied:
Where necessary, disable configuration options that affect the security of Dnsmasq; use a whitelist mechanism so that the Dnsmasq service restricts who can reach it; and use trusted DNS servers.
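A quick local check a defender can run to see whether an installed Dnsmasq is at or past the 2.78 fix release named above. This is an added example, not part of the advisory or the Dnsmasq project; it assumes the usual `dnsmasq --version` banner format ("Dnsmasq version X.Y  Copyright ...") and compares versions as integer major.minor pairs.

```shell
#!/bin/sh
# Added example (not from the advisory or the Dnsmasq project): check whether
# an installed Dnsmasq is at or above the 2.78 fix release the advisory names.
FIXED_VERSION="2.78"

# Extract the version token from a `dnsmasq --version` banner, e.g.
# "Dnsmasq version 2.77  Copyright (c) 2000-2017 Simon Kelley" -> "2.77".
# Takes the banner text as an argument so it can also be run on saved output.
parse_dnsmasq_version() {
    printf '%s\n' "$1" |
        sed -n 's/^Dnsmasq version \([0-9][0-9]*\.[0-9][0-9]*[A-Za-z0-9]*\).*/\1/p' |
        head -n 1
}

# Return 0 if "$1" >= "$2", comparing major then minor as plain integers.
# Dnsmasq minors are not decimal fractions: 2.7 < 2.78 < 2.80, so a numeric
# compare is needed rather than a string compare.
version_ge() {
    a_major=${1%%.*}; a_minor=${1#*.}
    b_major=${2%%.*}; b_minor=${2#*.}
    [ "$a_major" -gt "$b_major" ] && return 0
    [ "$a_major" -lt "$b_major" ] && return 1
    [ "$a_minor" -ge "$b_minor" ]
}

# Classify a banner as "patched", "vulnerable" or "unknown". Pre-release
# builds (e.g. 2.78rc1, 2.78test3) are reported as unknown rather than guessed.
classify_dnsmasq_banner() {
    v=$(parse_dnsmasq_version "$1")
    case "$v" in
        "")         echo unknown ;;
        *[!0-9.]*)  echo unknown ;;
        *) if version_ge "$v" "$FIXED_VERSION"; then echo patched; else echo vulnerable; fi ;;
    esac
}

# Check the local binary when one is installed.
if command -v dnsmasq >/dev/null 2>&1; then
    banner=$(dnsmasq --version 2>/dev/null | head -n 1)
    echo "$banner"
    echo "dnsmasq status: $(classify_dnsmasq_banner "$banner")"
fi
```

Distribution packages often backport fixes without bumping the upstream version, so a "vulnerable" result from this check should be confirmed against the distribution's own security advisory before acting on it.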
References:
http://www.thekelleys.org.uk/dnsmasq/doc.html
http://www.securityfocus.com/bid/101085
http://securitytracker.com/id/1039474
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29278
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29277
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29276
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29275
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29274
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29273
http://www.cnvd.org.cn/flaw/show/CNVD-2017-29272
http://www.huawei.com/cn/psirt/security-notices/2017/huawei-sn-20171006-01-dnsmasq-cn (Huawei self-assessment notice)
http://blog.trendmicro.com/trendlabs-security-intelligence/dnsmasq-reality-check-remediation-practices/ (temporary workarounds provided by Trend Micro)
Appendix: affected operating system distributions and related components
Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
Thekelleys Dnsmasq 1.2.2
Thekelleys Dnsmasq 2.77
Thekelleys Dnsmasq 2.75
Thekelleys Dnsmasq 2.72
Thekelleys Dnsmasq 2.71
Thekelleys Dnsmasq 2.70
Thekelleys Dnsmasq 2.7
Thekelleys Dnsmasq 2.65
Thekelleys Dnsmasq 2.64
Thekelleys Dnsmasq 2.63
Thekelleys Dnsmasq 2.62
Thekelleys Dnsmasq 2.61
Thekelleys Dnsmasq 2.60
Thekelleys Dnsmasq 2.6
Thekelleys Dnsmasq 2.59
Thekelleys Dnsmasq 2.58
Thekelleys Dnsmasq 2.57
Thekelleys Dnsmasq 2.56
Thekelleys Dnsmasq 2.55
Thekelleys Dnsmasq 2.54
Thekelleys Dnsmasq 2.53
Thekelleys Dnsmasq 2.52
Thekelleys Dnsmasq 2.51
Thekelleys Dnsmasq 2.50
Thekelleys Dnsmasq 2.49
Thekelleys Dnsmasq 2.48
Thekelleys Dnsmasq 2.47
Thekelleys Dnsmasq 2.46
Thekelleys Dnsmasq 2.45
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.43
Thekelleys Dnsmasq 2.42
Thekelleys Dnsmasq 2.41
Thekelleys Dnsmasq 2.40
Thekelleys Dnsmasq 2.4
Thekelleys Dnsmasq 2.38
Thekelleys Dnsmasq 2.37
Thekelleys Dnsmasq 2.36
Thekelleys Dnsmasq 2.35
Thekelleys Dnsmasq 2.34
Thekelleys Dnsmasq 2.33
Thekelleys Dnsmasq 2.30
Thekelleys Dnsmasq 2.29
Thekelleys Dnsmasq 2.28
Thekelleys Dnsmasq 2.27
Thekelleys Dnsmasq 2.26
Thekelleys Dnsmasq 2.25
Thekelleys Dnsmasq 2.24
Thekelleys Dnsmasq 2.23
Thekelleys Dnsmasq 2.22
Thekelleys Dnsmasq 2.21
Thekelleys Dnsmasq 2.20
Thekelleys Dnsmasq 2.2
Thekelleys Dnsmasq 2.19
Thekelleys Dnsmasq 2.18
Thekelleys Dnsmasq 2.17
Thekelleys Dnsmasq 2.16
Thekelleys Dnsmasq 2.15
Thekelleys Dnsmasq 2.14
Thekelleys Dnsmasq 2.13
Thekelleys Dnsmasq 2.12
Thekelleys Dnsmasq 2.11
Thekelleys Dnsmasq 2.10
Thekelleys Dnsmasq 1.9
Thekelleys Dnsmasq 1.8
Thekelleys Dnsmasq 1.6
Thekelleys Dnsmasq 1.5
Thekelleys Dnsmasq 1.4
Thekelleys Dnsmasq 1.3
Thekelleys Dnsmasq 1.18
Thekelleys Dnsmasq 1.17
Thekelleys Dnsmasq 1.16
Thekelleys Dnsmasq 1.15
Thekelleys Dnsmasq 1.14
Thekelleys Dnsmasq 1.13
Thekelleys Dnsmasq 1.12
Thekelleys Dnsmasq 1.11
Thekelleys Dnsmasq 1.10
Thekelleys Dnsmasq 1.0
Thekelleys Dnsmasq 0.996
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq 0.96
Thekelleys Dnsmasq 0.95
Thekelleys Dnsmasq 0.7
Thekelleys Dnsmasq 0.6
Thekelleys Dnsmasq 0.5
Thekelleys Dnsmasq 0.4
Slackware Slackware Linux 14.2
Slackware Slackware Linux 14.1
Slackware Slackware Linux 14.0
Slackware Slackware Linux 13.37
Slackware Slackware Linux 13.1
Slackware Slackware Linux 13.0
Redhat Enterprise Linux Workstation Optional 7
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server TUS 6.6
Redhat Enterprise Linux Server TUS 6.5
Redhat Enterprise Linux Server Optional EUS 7.3
Redhat Enterprise Linux Server Optional EUS 7.2
Redhat Enterprise Linux Server Optional EUS 6.5
Redhat Enterprise Linux Server Optional AUS 6.6
Redhat Enterprise Linux Server Optional AUS 6.5
Redhat Enterprise Linux Server Optional AUS 6.4
Redhat Enterprise Linux Server Optional 7
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server for ARM 7
Redhat Enterprise Linux Server EUS 7.3
Redhat Enterprise Linux Server EUS 7.2
Redhat Enterprise Linux Server AUS 6.6
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server AUS 6.4
Redhat Enterprise Linux Server AUS 6.2
Redhat Enterprise Linux Server - TUS 7.4
Redhat Enterprise Linux Server - TUS 7.3
Redhat Enterprise Linux Server - TUS 7.2
Redhat Enterprise Linux Server - Extended Update Support 7.4
Redhat Enterprise Linux Server - Extended Update Support 7.2
Redhat Enterprise Linux Server - Extended Update Suppor 7.3
Redhat Enterprise Linux Server - AUS 7.4
Redhat Enterprise Linux Server - AUS 7.3
Redhat Enterprise Linux Server - AUS 7.2
Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.4
Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.2
Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Upd 7.3
Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Update Support 7.4
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux Server 5
Redhat Enterprise Linux Long Life 5.9 server
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux for Scientific Computing 7
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4
Redhat Enterprise Linux for Power, little endian 7
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4
Redhat Enterprise Linux for Power, big endian 7
Redhat Enterprise Linux for Power little endian - Extended Update Suppo 7.3
Redhat Enterprise Linux for Power little endian - Extended Update Suppo 7.2
Redhat Enterprise Linux for Power big endian - Extended Update Support 7.3
Redhat Enterprise Linux for Power big endian - Extended Update Support 7.2
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.3
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.2
Redhat Enterprise Linux for IBM z Systems 7
Redhat Enterprise Linux EUS Compute Node 7.4
Redhat Enterprise Linux EUS Compute Node 7.3
Redhat Enterprise Linux EUS Compute Node 7.2
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 7
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux ComputeNode Optional EUS 7.3
Redhat Enterprise Linux ComputeNode Optional EUS 7.2
Redhat Enterprise Linux ComputeNode Optional 7
Redhat Enterprise Linux ComputeNode EUS 7.3
Redhat Enterprise Linux ComputeNode EUS 7.2
Redhat Enterprise Linux ComputeNode 7
Oracle Linux 7
Oracle Linux 6
openSUSE Leap 42.3
openSUSE Leap 42.2
Kubernetes Kubernetes 1.7.6
Kubernetes Kubernetes 1.7
Kubernetes Kubernetes 1.6.10
Kubernetes Kubernetes 1.6
Kubernetes Kubernetes 1.5.7
Kubernetes Kubernetes 1.5
Kubernetes Kubernetes 1.2
Google Android 7.1.1
Google Android 6.0.1
Google Android 5.1.1
Google Android 5.0.2
Google Android 4.4.4
Google Android 8.0
Google Android 7.1.2
Google Android 7.0
Google Android 6.0
Fedoraproject Fedora 27
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 ia-30
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 7
CentOS CentOS 6