Honeyd远程虚拟主机监测漏洞

漏洞信息详情

Honeyd远程虚拟主机监测漏洞

• CNNVD编号：CNNVD-200412-1104
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-2095
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-08-31
  
• 厂        商：
  
  niels_provos
• 漏洞来源：
  Discovery of this …

Honeyd 0.8之前的版本答复设置SYN和RST标志位的TCP数据包时存在漏洞。远程攻击者可以辨别Honeyd模拟的IP地址。

Gentoo has released updates to address this issue. These updates may be applied with the following commands:
emerge sync
emerge -pv “>=net-analyzer/honeyd-0.8”
emerge “>=net-analyzer/honeyd-0.8”
This issue has been addressed with the release of Honeyd 0.8.
Honeyd Honeyd 0.5

• Honeyd honeyd-0.8.tar.gz
  
  http://www.citi.umich.edu/u/provos/honeyd/honeyd-0.8.tar.gz

Honeyd Honeyd 0.6 a

• Honeyd honeyd-0.8.tar.gz
  
  http://www.citi.umich.edu/u/provos/honeyd/honeyd-0.8.tar.gz

Honeyd Honeyd 0.6

• Honeyd honeyd-0.8.tar.gz
  
  http://www.citi.umich.edu/u/provos/honeyd/honeyd-0.8.tar.gz

Honeyd Honeyd 0.7

• Honeyd honeyd-0.8.tar.gz
  
  http://www.citi.umich.edu/u/provos/honeyd/honeyd-0.8.tar.gz

Honeyd Honeyd 0.7 a

• Honeyd honeyd-0.8.tar.gz
  
  http://www.citi.umich.edu/u/provos/honeyd/honeyd-0.8.tar.gz

来源: XF
名称: honeyd-nmap-information-disclosure(14905)
链接:http://xforce.iss.net/xforce/xfdb/14905

来源: BID
名称: 9464
链接:http://www.securityfocus.com/bid/9464

来源: BUGTRAQ
名称: 20040121 [ GLSA 200401-02 ] Honeyd remote detection vulnerability via a probe packet
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=107473095118505&w=2

来源: BUGTRAQ
名称: 20040121 Honeyd Security Advisory 2004-001: Remote Detection Via Simple Probe Packet
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=107471181426047&w=2

来源: SECTRACK
名称: 1008818
链接:http://www.securitytracker.com/id?1008818

来源: OSVDB
名称: 3690
链接:http://www.osvdb.org/3690

来源: SECUNIA
名称: 10695
链接:http://secunia.com/advisories/10695

来源: SECUNIA
名称: 10694
链接:http://secunia.com/advisories/10694