
Infoblox DHCP Server Vulnerability Advisory (CVE-2011-2748 | CVE-2011-2749)

On August 10, 2011, ISC (the Internet Systems Consortium) announced two vulnerabilities in its DHCP server, CVE-2011-2748 and CVE-2011-2749. Certain versions of NIOS are affected by both. The affected DHCP server versions contain a defect that lets an attacker send a specially crafted packet which causes the "dhcpd" daemon to exit.

A remote attacker exploiting this vulnerability can send the specially crafted packet directly to an Infoblox appliance running an affected DHCP service, interrupting the appliance's DHCP service. Infoblox appliances with the DHCP service disabled are not affected.

More information about this vulnerability is available here.

Affected NIOS versions:

  • NIOS 6.2.0
  • NIOS 6.1.0 – 6.1.3
  • NIOS 6.0.0 – 6.0.7
  • NIOS 5.0r1 – 5.1r4-5
  • NIOS 4.2r4-0 – 4.3r8-4

If you are running one of the NIOS versions listed above with the DHCP service enabled, you must upgrade NIOS to one of the releases below that fix CVE-2011-2748 or CVE-2011-2749. If you are not running one of the versions listed above, no upgrade is needed.

For NIOS 6.2 releases earlier than 6.2.1:

  • NIOS 6.2.1 updates all 6.2.X releases

For NIOS 6.1.X and 6.0.X:

  • NIOS 6.1.4 updates all 6.1.X and 6.0.X releases

For NIOS 5.1.X and 5.0.X:

  • NIOS 5.1r4-6 updates all 5.1.X releases; 5.1r5-0 updates all 5.0.X releases

For NIOS 4.2r4 through 4.2r8-4:

  • NIOS 4.3r8-5 updates all earlier releases from 4.2r4-X through 4.3r8-4

Users should choose one of the following upgrade paths according to their own situation:

  • Customers running NIOS 6.2.0 should upgrade to 6.2.1
  • Customers running NIOS 6.0.X, or 6.1.X earlier than 6.1.4, should upgrade to 6.1.4
  • Customers running NIOS 5.0rX and 5.1rX should upgrade to 5.1r4-6
  • Customers running NIOS 4.X should upgrade to 4.3r8-5

All of the NIOS releases mentioned above can be downloaded from the Support site.


The original English text follows:

On August 10, 2011 the Internet Systems Consortium (ISC) announced vulnerabilities in their DHCP server, CVE-2011-2748 and CVE-2011-2749. Some versions of Infoblox NIOS are vulnerable to both issues. A defect in the affected DHCP server versions allows an attacker to remotely cause the "dhcpd" process to exit using a specially crafted packet.

To exploit the vulnerability a remote attacker could send the specially crafted packet directly to an Infoblox appliance running a vulnerable version of DHCP. Infoblox systems with the DHCP service disabled are not vulnerable to this exploit.

More information on these alerts can be found here.

Affected NIOS versions:

  • NIOS 6.2.0
  • NIOS 6.1.0 – 6.1.3
  • NIOS 6.0.0 – 6.0.7
  • NIOS 5.0r1 – 5.1r4-5
  • NIOS 4.2r4-0 – 4.3r8-4

If you are operating a NIOS version listed above with DHCP service enabled, you must upgrade to one of the available releases that address CVE-2011-2748 or CVE-2011-2749 as listed below. If you are not running one of the versions listed above, you are not affected by CVE-2011-2748 or CVE-2011-2749 and do not need to upgrade.


For customers running NIOS 6.2 prior to 6.2.1:

  • NIOS 6.2.1 updates all previous versions of 6.2.X

For customers running NIOS 6.1.X and 6.0.X:

  • NIOS 6.1.4 updates all previous versions of 6.1.X and 6.0.X

For customers running NIOS 5.1.X and 5.0.X:

  • NIOS 5.1r4-6 or 5.1r5-0 updates all previous versions of 5.1.X and 5.0.X

For customers running NIOS 4.2r4 through 4.2r8-4:

  • NIOS 4.3r8-5 updates all previous versions of NIOS 4.2r4-X – 4.3r8-4


Recommendations:

  • Customers running NIOS 6.2.0 should upgrade to 6.2.1
  • Customers running NIOS 6.0.X and 6.1.X prior to 6.1.4 should upgrade to 6.1.4
  • Customers running NIOS 5.0rX and 5.1rX should upgrade to 5.1r4-6
  • Customers running NIOS 4.X should upgrade to 4.3r8-5

All NIOS updates are available on the download section of the Support site.