临时解决方法：

如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：


* 禁止访问受影响的服务或应用程序

管理员可以禁止用户访问用受影响的xdr_array()函数编写的服务或应用程序。这些应用程序包括但不仅限于下列程序:
　
(1) Sun DMI Service Provider daemon (dmispd)

# /etc/init.d/init.dmi stop
# mv /etc/rc3.d/S77dmi /etc/rc3.d/DISABLED_S77dmi

(2) Sun CDE Calendar Manager Service daemon (rpc.cmsd)

编辑/etc/inetd.conf, 将下列行的前面加上'#'号以注释掉该服务：
100068/2-5 dgram rpc/udp wait root /usr/dt/bin/rpc.cmsd rpc.cmsd
保存修改，然后重启inetd
# ps -ef | grep inetd
# kill -HUP

(3) MIT Kerberos 5 Administration daemon (kadmind)

厂商补丁：
Apple
-----
目前厂商已经发布了升级补丁包Security Update 2002-08-02(SecurityUpd2002-08-02.dmg)以修复这个安全问题，您可以在厂商主页上下载：

http://docs.info.apple.com/article.html?artnum=120139

SSL server:
https://depot.info.apple.com/security/129403bc5e184e3b7367.html

Debian
------
Debian已经为此发布了三个安全公告（DSA-142-1以及DSA-143-1，DSA-149-1）以及相应补丁:

DSA-142-1：New OpenAFS packages fix integer overflow bug
链接：http://www.debian.org/security/2002/dsa-142


DSA-143-1：New krb5 packages fix integer overflow bug
链接：http://www.debian.org/security/2002/dsa-143

DSA-149-1：New glibc packages fix security related problems
链接：http://www.debian.org/security/2002/dsa-149

您可以参考上述安全公告进行升级。

FreeBSD
-------
FreeBSD已经为此发布了一个安全公告（FreeBSD-SA-02:34）以及相应补丁:
FreeBSD-SA-02:34：Sun RPC XDR decoder contains buffer overflow
链接：ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:34.rpc.asc

可采取下列解决方案之一:

1) 将受影响系统升级到4.6-STABLE；或者修正日期后发布的RELENG_4_6、RELENG_4_5
或RELENG_4_4 security branch(4.6.1-RELEASE-p6、4.5-RELEASE-p15或
4.4-RELEASE-p22)。

2) 为现有系统安装补丁:

经验证，下列补丁适用于FreeBSD 4.4、4.5和FreeBSD 4.6系统。

a) 从下列地址下载相关补丁，并用你的PGP工具核实分开的PGP签名。

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:34/rpc.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:34/rpc.patch.asc

b) 以root身份执行下列命令:

# cd /usr/src
# patch < /path/to/patch

c) 按下述介绍重编操作系统：
.

注意，任何静态链接的应用程序均非基础系统的一部分(可能来自移植集或其它第三方来源)，如果它们使用SunRPC，就必须重新编译。

所有受影响的应用程序要使用已修复的库都必须重启。虽然这不是必须的步骤，但是重启系统可能是最简单的方法。

GNU
---
GNU C库的2.2.5及之前版本受此漏洞影响，对于2.2.5版，我们建议用户使用下列补丁。这一补丁也可以从GNU C Library CVS软件库下载:

http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/sunrpc/xdr_array.c.diff?r1=1.5&r2=1.5.2.1&cvsroot=glibc

MIT
---
MIT已经为此发布了一个安全公告（MITKRB5-SA-2002-001）以及相应补丁:
MITKRB5-SA-2002-001：Remote root vulnerability in MIT krb5 admin system
链接：http://web.mit.edu/kerberos/www/advisories/2002-001-xdr_array_patch.txt.asc

补丁下载：

http://web.mit.edu/kerberos/www/advisories/2002-001-xdr_array_patch.txt

上述补丁是针对krb5-1.2.5的，在应用补丁之后需要重建软件树。

NetBSD
------
NetBSD已经为此发布了一个安全公告（NetBSD-SA2002-011）以及相应补丁:
NetBSD-SA2002-011：Sun RPC XDR decoder contains buffer overflow
链接：ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc

补丁下载：

* NetBSD-current:

正在运行2002-08-01之前的NetBSD-current的系统应该升级到2002-08-01或者之后的系统

从CVS升级、重建、重装libc的步骤如下：
# cd src
# cvs update -d -P lib/libc/rpc

# cd lib/libc
# make cleandir dependall
# make install


* NetBSD 1.6 beta:

正在运行2002-08-02之前的NetBSD-1.6分支的系统应该升级到2002-08-02或者之后的系统


从CVS升级、重建、重装libc的步骤如下：
# cd src
# cvs update -d -P -r netbsd-1-6 lib/libc/rpc

# cd lib/libc
# make cleandir dependall
# make install


* NetBSD 1.5, 1.5.1, 1.5.2, 1.5.3:

正在运行2002-08-02之前的NetBSD-1.5分支的系统应该升级到2002-08-02或者之后的系统

从CVS升级、重建、重装libc的步骤如下：
# cd src
# cvs update -d -P -r netbsd-1-5 lib/libc/rpc

# cd lib/libc
# make cleandir dependall
# make install

OpenBSD
-------
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/012_xdr.patch

RedHat
------
RedHat已经为此发布了一个安全公告（RHSA-2002:166-07）以及相应补丁:
RHSA-2002:166-07：Updated glibc packages fix vulnerabilities in RPC XDR decoder
链接：https://www.redhat.com/support/errata/RHSA-2002-166.html

补丁下载：

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/glibc-2.1.3-26.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-2.1.3-26.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-devel-2.1.3-26.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-profile-2.1.3-26.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/nscd-2.1.3-26.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/glibc-2.1.3-26.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/glibc-devel-2.1.3-26.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/glibc-profile-2.1.3-26.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/nscd-2.1.3-26.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-2.1.3-26.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-devel-2.1.3-26.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-profile-2.1.3-26.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/nscd-2.1.3-26.sparc.rpm

sparcv9:
ftp://updates.redhat.com/6.2/en/os/sparcv9/glibc-2.1.3-26.sparcv9.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.6.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-2.2.4-18.7.0.6.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.6.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.6.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.6.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/nscd-2.2.4-18.7.0.6.alpha.rpm

alphaev6:
ftp://updates.redhat.com/7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.6.alphaev6.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/glibc-2.2.4-18.7.0.6.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-common-2.2.4-18.7.0.6.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.6.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.6.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/nscd-2.2.4-18.7.0.6.i386.rpm

i686:
ftp://updates.redhat.com/7.0/en/os/i686/glibc-2.2.4-18.7.0.6.i686.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/glibc-2.2.4-29.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-2.2.4-29.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-common-2.2.4-29.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-devel-2.2.4-29.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-profile-2.2.4-29.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/nscd-2.2.4-29.alpha.rpm

alphaev6:
ftp://updates.redhat.com/7.1/en/os/alphaev6/glibc-2.2.4-29.alphaev6.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/glibc-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-common-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-devel-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-profile-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/nscd-2.2.4-29.i386.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/glibc-2.2.4-29.i686.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/nscd-2.2.4-29.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/glibc-2.2.4-29.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/glibc-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-common-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-devel-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-profile-2.2.4-29.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/nscd-2.2.4-29.i386.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/glibc-2.2.4-29.i686.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/nscd-2.2.4-29.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/glibc-2.2.5-39.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/glibc-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-common-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-static-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-devel-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-profile-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-utils-2.2.5-39.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/nscd-2.2.5-39.i386.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/glibc-2.2.5-39.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/glibc-debug-2.2.5-39.i686.rpm

SGI
---
SGI已经为此发布了一个安全公告（20020801-01-A）:
20020801-01-A：Sun RPC xdr_array vulnerability
链接：ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A

目前SGI仍在对此漏洞进行进一步调查。

Sun
---
Sun证实Solaris 2.5.1到9的网络服务库，libnsl(3LIB)的xdr_array (3NSL)函数中含有一种溢出漏洞。
Sun已发布了Sun Alert 46122介绍这一漏洞、受影响程序和临时解决方案。一旦得到进一步信息，Sun就会更新Sun Alert:

Sun-Alert-46122：Security Vulnerability in the Network Services Library, libnsl(3LIB)
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert%2F46122

一旦所有补丁开发完毕，Sun就会在下列地址发布一个Sun安全公告:
http://sunsolve.sun.com/security

OpenAFS
-------
OpenAFS已经为此发布了一个安全公告（OPENAFS-SA-2002-001）以及相应补丁:
OPENAFS-SA-2002-001：Remote root vulnerability in OpenAFS servers
链接：http://www.openafs.org/pages/security/OPENAFS-SA-2002-001.txt

补丁下载：

OpenAFS 1.2.5:
http://www.openafs.org/security/xdr-updates-20020731.delta

您也可以升级到OpenAFS 1.2.6, 它已经修复了这个安全漏洞。