Streamripper HTTP Header Field Parsing Buffer Overflow Vulnerability

2006-11-06T00:00:00
ID SSV:447
Type seebug
Reporter Root
Modified 2006-11-06T00:00:00

Description

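StreamRipper saves MP3 streams from the Internet to disk and is particularly suited to recording Internet MP3 radio.

StreamRipper has a buffer overflow when processing certain HTTP header fields returned by the server; a remote attacker may exploit this vulnerability to execute arbitrary code on the user's machine.

The vulnerability can be triggered if a user is tricked into connecting to a malicious server set up by the attacker, resulting in arbitrary code execution.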

Streamripper Streamripper 1.61.25
Streamripper Streamripper 1.61.24

Debian

Debian has released a security advisory (DSA-1158-1) and corresponding patches for this issue:
DSA-1158-1: New streamripper packages fix arbitrary code execution
Link: http://www.debian.org/security/2005/dsa-1158

Patch downloads:

Source archives:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1.dsc
Size/MD5 checksum: 684 81c2011992a47019464e689e62a0e2fc
http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1.diff.gz
Size/MD5 checksum: 2748 a55c6752bf1f5cd184516e018f7b1d5b
http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7.orig.tar.gz
Size/MD5 checksum: 245448 87e16d42fb7625525eafe769edd2e9b3

Alpha architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_alpha.deb
Size/MD5 checksum: 62730 a11cd910042103cd75a229468e786a25

AMD64 architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_amd64.deb
Size/MD5 checksum: 55886 93a8ab72c2a969b8eee99c9e105d8ad1

ARM architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_arm.deb
Size/MD5 checksum: 51734 3d19a4711f9373be5630e1024f515ddc

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_i386.deb
Size/MD5 checksum: 51694 cb59ef062ca1ca0c74a5b7359d2b5acd

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_ia64.deb
Size/MD5 checksum: 68218 ff13f983398a4694350916f4d44a817c

HP Precision architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_hppa.deb
Size/MD5 checksum: 57016 aad39a310b38f131840929345cf50d6b

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_m68k.deb
Size/MD5 checksum: 47922 a19ab1dd7fb150ae73fce92e519ab94e

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_mips.deb
Size/MD5 checksum: 57088 b90697a7aecf7c2d838bdfae4af1ccc5

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_mipsel.deb
Size/MD5 checksum: 57490 0f1fbaeeec94a7f4c4d1340e68d611bb

PowerPC architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_powerpc.deb
Size/MD5 checksum: 55912 b2590326f71ddb6f9bf44fc933b28c50

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_s390.deb
Size/MD5 checksum: 55456 60afcd68f13f131040c68cde36f4464a

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/s/streamripper/streamripper_1.61.7-1sarge1_sparc.deb
Size/MD5 checksum: 51266 73736226d97be58202e1619518e3ae25

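Patch installation:

  1. Install the patch package manually:

First, download the patch package with the following command:
# wget url (url is the patch download link)

Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)

  2. Install the patch package automatically with apt-get:

First, update the internal database with the following command:
# apt-get update

Then install the updated packages with the following command:
# apt-get upgrade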

Streamripper

The vendor has released an upgrade that fixes this security issue; download it from the vendor's home page:

http://sourceforge.net/project/showfiles.php?group_id=6172