Multiple Security Vulnerabilities in the Linux 2.4 Kernel
Release date: 2003-07-21
Updated: 2003-07-28
Affected systems:
Linux kernel 2.4.9
Linux kernel 2.4.8
Linux kernel 2.4.7
Linux kernel 2.4.6
Linux kernel 2.4.5
Linux kernel 2.4.4
Linux kernel 2.4.3
Linux kernel 2.4.21
Linux kernel 2.4.20
Linux kernel 2.4.2
Linux kernel 2.4.19pre-6
Linux kernel 2.4.19pre-5
Linux kernel 2.4.19pre-4
Linux kernel 2.4.19pre-3
Linux kernel 2.4.19pre-2
Linux kernel 2.4.19pre-1
Linux kernel 2.4.19
Linux kernel 2.4.18pre-8
Linux kernel 2.4.18pre-7
Linux kernel 2.4.18pre-6
Linux kernel 2.4.18pre-5
Linux kernel 2.4.18pre-4
Linux kernel 2.4.18pre-3
Linux kernel 2.4.18pre-2
Linux kernel 2.4.18pre-1
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.12
Linux kernel 2.4.11
Linux kernel 2.4.10
Linux kernel 2.4.1
Linux kernel 2.4.0-test1
Linux kernel 2.4
Linux kernel 2.4.18
- Conectiva Linux 8.0
- Debian Linux 3.0
- Mandrake Linux 9.0
- Mandrake Linux 8.2
- RedHat Linux 8.0
- RedHat Linux 7.3
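Description:
BUGTRAQ ID: 8233
Linux is an open-source operating system.
The Linux 2.4 kernel contains multiple issues that a local attacker can exploit for denial-of-service, privilege-escalation, sensitive-information-disclosure and other attacks.
The specific vulnerabilities are as follows:
CAN-2003-0461: /proc/tty/driver/serial discloses some of the character counts for serial links, which a local attacker can use to infer sensitive information such as password length and keystroke timing.
CAN-2003-0462: Paul Starzetz discovered a file-read race condition in the execve() system call that can lead to a local denial-of-service attack.
CAN-2003-0464: A recent change in the RPC code sets the reuse flag on newly created sockets. Olaf Kirch found that this could allow ordinary users to bind to UDP ports used by services such as nfsd.
CAN-2003-0476: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the calling process's file table, allowing local users to gain read access to restricted file descriptors.
CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program.
CAN-2003-0550: The STP protocol lacks sufficient security hardening, allowing an attacker to modify the bridge topology. STP is disabled by default.
CAN-2003-0551: STP input processing lacks length checks, which can lead to denial of service.
CAN-2003-0552: Jerry Kreuscher discovered that the forwarding table can be spoofed by sending packets with a forged source address identical to that of the local host.
<*Source: Red Hat Security Advisory
Link: https://www.redhat.com/support/errata/RHSA-2003-238.html
*>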
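The length checking that CAN-2003-0551 says was missing, shown from the defensive side. This is an added example, not code from the Linux kernel or from the advisory: a parser that confirms an IEEE 802.1D BPDU is long enough before reading each part of it. The function name, status codes and sample frame are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative 802.1D BPDU parser (added example, not Linux kernel code). */
enum { BPDU_OK = 0, BPDU_TRUNCATED = -1, BPDU_BAD_PROTO = -2, BPDU_BAD_TYPE = -3 };
enum { BPDU_HDR_LEN = 4, BPDU_CFG_LEN = 35, BPDU_TYPE_CONFIG = 0x00, BPDU_TYPE_TCN = 0x80 };

struct cfg_bpdu {
    uint8_t  flags, root_id[8], bridge_id[8];
    uint32_t root_path_cost;
    uint16_t port_id, message_age, max_age, hello_time, forward_delay;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* Every read is preceded by a check that the frame is long enough for it. */
int parse_bpdu(const uint8_t *buf, size_t len, uint8_t *type, struct cfg_bpdu *out)
{
    if (len < BPDU_HDR_LEN) return BPDU_TRUNCATED;      /* protocol id, version, type */
    if (be16(buf) != 0) return BPDU_BAD_PROTO;          /* protocol id must be 0 */
    *type = buf[3];
    if (*type == BPDU_TYPE_TCN) return BPDU_OK;         /* TCN carries no body */
    if (*type != BPDU_TYPE_CONFIG) return BPDU_BAD_TYPE;
    if (len < BPDU_CFG_LEN) return BPDU_TRUNCATED;      /* body fields not all present */
    out->flags = buf[4];
    memcpy(out->root_id, buf + 5, 8);
    out->root_path_cost = be32(buf + 13);
    memcpy(out->bridge_id, buf + 17, 8);
    out->port_id     = be16(buf + 25);
    out->message_age = be16(buf + 27);  out->max_age       = be16(buf + 29);
    out->hello_time  = be16(buf + 31);  out->forward_delay = be16(buf + 33);
    return BPDU_OK;
}

/* Constructed sample config BPDU (timers in 1/256 s; bridge IDs are made up). */
static const uint8_t SAMPLE_CFG[BPDU_CFG_LEN] = {
    0x00, 0x00, 0x00, 0x00, 0x00,
    0x80, 0x00, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,  0x00, 0x00, 0x00, 0x04,
    0x80, 0x00, 0x00, 0x11, 0x22, 0x33, 0x44, 0x66,  0x80, 0x01,
    0x01, 0x00, 0x14, 0x00, 0x02, 0x00, 0x0f, 0x00 };

int main(void)
{
    uint8_t type; struct cfg_bpdu b;
    printf("full=%d truncated=%d\n", parse_bpdu(SAMPLE_CFG, 35, &type, &b),
           parse_bpdu(SAMPLE_CFG, 20, &type, &b));
    return 0;
}
```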
Recommendation:
Vendor patches:
RedHat
------
RedHat has released a security advisory (RHSA-2003:238-01) and corresponding patches for this issue:
RHSA-2003:238-01:Updated 2.4 kernel fixes vulnerabilities
Link: https://www.redhat.com/support/errata/RHSA-2003-238.html
Patch downloads:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm
athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm
i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm
i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm
athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm
i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm
i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm
athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm
i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm
i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-19.8.src.rpm
athlon:
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.20-19.8.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.20-19.8.athlon.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-19.8.i386.rpm
i586:
ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.20-19.8.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.20-19.8.i586.rpm
i686:
ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.20-19.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.20-19.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-19.8.i686.rpm
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-19.9.src.rpm
athlon:
ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-19.9.athlon.rpm
ftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-19.9.athlon.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-19.9.i386.rpm
i586:
ftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-19.9.i586.rpm
ftp://updates.redhat.com/9/en/os/i586/kernel-smp-2.4.20-19.9.i586.rpm
i686:
ftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-19.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-19.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-19.9.i686.rpm
Verification: