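Vulnerability Advisory
Temporary workaround:
If you cannot install the patch or upgrade immediately, CNNVD recommends the following measures to reduce the risk:
* Until the patch is installed, disable the rpc.ttdbserverd program immediately.
Using Solaris as an example:
First become root, then open /etc/inetd.conf in an editor of your choice and find the following line: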
100083/1 tli rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
Comment the line out by adding a "#" at the start of it:
#100083/1 tli rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
Save and exit. Then restart inetd:
# ps -ef|grep inetd
# kill -HUP <inetd PID>
Vendor patches:
Caldera
-------
Caldera has released a security advisory (CSSA-2001-SCO.28) and corresponding patches for this issue:
CSSA-2001-SCO.28:Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability
Patch downloads:
Caldera UnixWare 7:
Caldera Patch erg711831.Z
Caldera OpenUnix 8.0:
Caldera Patch erg711831.Z
SSRT0767U:SSRT0767U Potential rpc.ttdbserverd buffer overflow
Patch downloads:
Compaq Tru64 4.0 g:
Compaq Patch T64V40GAS0003-20010613.tar
Compaq Digital Unix 4.0 f:
Compaq Patch DUV40FAS0006-20010620.tar
Compaq Tru64 5.0 a:
Compaq Patch T64V50AAS0003-20010523.tar
Compaq Tru64 5.1:
Compaq Patch T64V51AS0003-20010413.tar
HP
--
HP has released a security bulletin (HPSBUX0110-168) and corresponding patches for this issue:
HPSBUX0110-168:Sec. Vulnerability in rpc.ttbdserverd (rev.3)
Link:
Patch downloads:
HP HP-UX 10.10:
HP Patch PHSS_25136
HP HP-UX 10.20:
HP Patch PHSS_25137
HP HP-UX (VVOS) 10.24:
HP Patch PHSS_25419
HP HP-UX (VVOS) 11.0 4:
HP Patch PHSS_25420
HP HP-UX 11.0:
HP Patch PHSS_25138
HP HP-UX 11.11:
HP Patch PHSS_25139
IBM
---
The vendor has released patches that fix this security issue; download them from the vendor's home page:
IBM AIX 4.3:
IBM Hotfix tooltalk_efix.tar.Z
IBM APAR IY24387
IBM AIX 4.3.1:
IBM Hotfix tooltalk_efix.tar.Z
IBM APAR IY24387
IBM AIX 4.3.2:
IBM Hotfix tooltalk_efix.tar.Z
IBM APAR IY24387
IBM AIX 4.3.3:
IBM Hotfix tooltalk_efix.tar.Z
IBM APAR IY24387
IBM AIX 5.1:
IBM Hotfix tooltalk_efix.tar.Z
Sun-00212:rpc.ttdbserverd
Patch downloads:
OS Version        Patch ID
__________        _________
SunOS 5.8         110286-04
SunOS 5.8_x86     110287-04
SunOS 5.7         107893-15
SunOS 5.7_x86     107894-14
SunOS 5.6         105802-16
SunOS 5.6_x86     105803-18
SunOS 5.5.1       104489-14
SunOS 5.5.1_x86   105496-12
SunOS 5.5         104428-12
SunOS 5.5_x86     105495-10
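You can download the corresponding patch using the following link:
For example, for patch 111596-02, you can use the following link:
Patch installation:
1. First unpack the patch archive with the unzip or uncompress command.
2. Then install the patch with the patchadd command, for example: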
# patchadd /var/spool/patch/104945-02
This assumes the patch number to install is 104945-02 and that the unpacked directory is "/var/spool/patch/104945-02".
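The temporary workaround above (commenting out the rpc.ttdbserverd entry in /etc/inetd.conf) can be scripted so that it is repeatable and leaves a backup. The following is an added example, not part of the original advisory; the function names, the ".pre-ttdb" backup suffix and the sample file are assumptions.

```shell
#!/bin/sh
# Added example, not from the advisory. Function names, the ".pre-ttdb"
# backup suffix and the sample file are assumptions / constructed.

# Exit 0 if FILE still has an active (uncommented) rpc.ttdbserverd entry.
ttdb_is_enabled() {
    awk '/^[ \t]*#/ { next }
         /rpc\.ttdbserverd/ { found = 1 }
         END { exit(found ? 0 : 1) }' "$1"
}

# Comment out every active rpc.ttdbserverd entry in FILE, keeping a backup.
# Returns 0 on success or if nothing needed changing, non-zero on failure.
ttdb_disable() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    ttdb_is_enabled "$conf" || { echo "no active entry in $conf"; return 0; }
    cp -p "$conf" "$conf.pre-ttdb" || return 2
    tmp="$conf.tmp.$$"
    awk '!/^[ \t]*#/ && /rpc\.ttdbserverd/ { print "#" $0; next }
         { print }' "$conf.pre-ttdb" > "$tmp" || { rm -f "$tmp"; return 2; }
    # Write back through the existing file so its owner and mode are kept.
    cat "$tmp" > "$conf" || { rm -f "$tmp"; return 2; }
    rm -f "$tmp"
    if ttdb_is_enabled "$conf"; then
        echo "entry still active in $conf" >&2; return 1
    fi
    echo "disabled in $conf; send SIGHUP to inetd to apply"
}

# Constructed sample input: the entry from the advisory plus one other line.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
time stream tcp nowait root internal
100083/1 tli rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd
EOF
}

# Demo on a throwaway copy: sh this_script --demo
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d) && write_sample_conf "$d/inetd.conf" &&
        ttdb_disable "$d/inetd.conf" && cat "$d/inetd.conf"
    rm -rf "$d"
fi
```

Running ttdb_disable a second time changes nothing, and ttdb_is_enabled can be used on its own to audit hosts for an entry that is still active.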