漏洞信息 Honeyd是一款小型的守护程序, 可以在网络上创建虚拟主机。 Honeyd处理IP重组代码存在问题,远程攻击者可以利用漏洞检测虚拟主机。 成功的攻击可允许远程攻击者枚举Honeyd主机并对这些目标机器进行攻击。目前没有详细漏洞细节提供。 BUGTRAQ ID: 16595 CNCAN ID:CNCAN-2006021403 漏洞消息时间:2006-02-13 漏洞起因 设计错误 影响系统 Honeyd Honeyd 0.8 Honeyd Honeyd 0.7 a Honeyd Honeyd 0.7 Honeyd Honeyd 0.6 a Honeyd Honeyd 0.6 Honeyd Honeyd 0.5 Honeyd Honeyd 1.0 Honeyd Honeyd 0.8 b Honeyd Honeyd 0.8 a 不受影响系统 Honeyd Honeyd 1.5 危害 远程攻击者可以利用漏洞检测虚拟主机。 攻击所需条件 攻击者必须访问Honeyd。 厂商解决方案 升级程序: http://www.honeyd.org/adv.2006-01.patchhttp://www.honeyd.org/adv.2006-01.patch Honeyd Honeyd 0.8 b * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 1.0 * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.8 a * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.5 * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.6 a * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.6 * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.7 a * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.7 * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz Honeyd Honeyd 0.8 * Honeyd Honeyd 1.5 http://www.citi.umich.edu/u/provos/honeyd/honeyd-1.5.tar.gz 漏洞提供者 Jon Oberheide. 漏洞消息链接 http://www.securityfocus.com/bid/16595 漏洞消息标题 Honeyd IP Reassembly Remote Virtual Host Detection Vulnerability
(出处:http://www.sheup.com)