Multiple Security Vulnerabilities in the Linux 2.4 Kernel

Published: 2003-07-21
Updated: 2003-07-28

Affected systems:
Linux kernel 2.4.9
Linux kernel 2.4.8
Linux kernel 2.4.7
Linux kernel 2.4.6
Linux kernel 2.4.5
Linux kernel 2.4.4
Linux kernel 2.4.3
Linux kernel 2.4.21
Linux kernel 2.4.20
Linux kernel 2.4.2
Linux kernel 2.4.19pre-6
Linux kernel 2.4.19pre-5
Linux kernel 2.4.19pre-4
Linux kernel 2.4.19pre-3
Linux kernel 2.4.19pre-2
Linux kernel 2.4.19pre-1
Linux kernel 2.4.19
Linux kernel 2.4.18pre-8
Linux kernel 2.4.18pre-7
Linux kernel 2.4.18pre-6
Linux kernel 2.4.18pre-5
Linux kernel 2.4.18pre-4
Linux kernel 2.4.18pre-3
Linux kernel 2.4.18pre-2
Linux kernel 2.4.18pre-1
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.12
Linux kernel 2.4.11
Linux kernel 2.4.10
Linux kernel 2.4.1
Linux kernel 2.4.0-test1
Linux kernel 2.4
Linux kernel 2.4.18
    - Conectiva Linux 8.0
    - Debian Linux 3.0
    - Mandrake Linux 9.0
    - Mandrake Linux 8.2
    - RedHat Linux 8.0
    - RedHat Linux 7.3
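Description:
BUGTRAQ ID: 8233

Linux is an open-source operating system.

The Linux 2.4 kernel contains multiple flaws that a local attacker can exploit to cause denial of service, escalate privileges, or obtain sensitive information.

The individual vulnerabilities are as follows:

CAN-2003-0461: /proc/tty/driver/serial exposes character counts for some serial links, which a local attacker can use to infer sensitive information such as password length and keystroke timing.

CAN-2003-0462: Paul Starzetz discovered a file read race condition in the execve() system call that can lead to a local denial of service.

CAN-2003-0464: A recent change in the RPC code sets the reuse flag on newly created sockets. Olaf Kirch discovered that this can allow ordinary users to bind to UDP ports used by services such as nfsd.

CAN-2003-0476: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, allowing local users to gain read access to restricted file descriptors.

CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program.

CAN-2003-0550: The STP protocol lacks adequate security hardening, allowing an attacker to change the bridge topology. STP is disabled by default.

CAN-2003-0551: STP input processing lacks a length check, which can lead to denial of service.

CAN-2003-0552: Jerry Kreuscher discovered that the forwarding table can be spoofed by sending packets with a forged source address identical to that of the local host.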
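
The class of check that CAN-2003-0551 refers to, shown as a stand-alone user-space parser for IEEE 802.1D BPDUs that validates the received length before touching any field. This is an example added here, not the kernel's bridge code or the actual patch; `parse_bpdu`, `struct bpdu_config` and the sample frame are constructed for illustration, and the buffer is assumed to start right after the LLC header.

```c
#include <stdint.h>
#include <string.h>

#define BPDU_HDR_LEN    4   /* protocol id (2) + version (1) + type (1), after the LLC header */
#define BPDU_CONFIG_LEN 35  /* complete configuration BPDU */
enum { BPDU_TYPE_CONFIG = 0x00, BPDU_TYPE_TCN = 0x80 };

struct bpdu_config {
    uint8_t  flags, root_id[8], bridge_id[8];
    uint32_t root_path_cost;
    uint16_t port_id, message_age, max_age, hello_time, forward_delay;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
/* Returns 1 for a config BPDU (out filled), 2 for a TCN, -1 if rejected. */
int parse_bpdu(const uint8_t *buf, size_t len, struct bpdu_config *out)
{
    if (!buf || !out || len < BPDU_HDR_LEN)
        return -1;                        /* cannot even hold the header */
    if (be16(buf) != 0 || buf[2] != 0)
        return -1;                        /* protocol id 0, version 0 = STP */
    if (buf[3] == BPDU_TYPE_TCN)
        return 2;                         /* TCN has no fields after the header */
    if (buf[3] != BPDU_TYPE_CONFIG || len < BPDU_CONFIG_LEN)
        return -1;                        /* truncated: drop before reading fields */
    out->flags = buf[4];
    memcpy(out->root_id, buf + 5, 8);
    out->root_path_cost = ((uint32_t)be16(buf + 13) << 16) | be16(buf + 15);
    memcpy(out->bridge_id, buf + 17, 8);
    out->port_id       = be16(buf + 25);
    out->message_age   = be16(buf + 27);  /* timers are in 1/256 s units */
    out->max_age       = be16(buf + 29);
    out->hello_time    = be16(buf + 31);
    out->forward_delay = be16(buf + 33);
    return 1;
}

/* Constructed sample: root == bridge, cost 0, max age 20 s, hello 2 s, delay 15 s. */
static const uint8_t sample_bpdu[BPDU_CONFIG_LEN] = {
    0x00,0x00, 0x00, 0x00, 0x00, 0x80,0x00,0x02,0x00,0x00,0x00,0x00,0x01,
    0x00,0x00,0x00,0x00, 0x80,0x00,0x02,0x00,0x00,0x00,0x00,0x01, 0x80,0x01,
    0x00,0x00, 0x14,0x00, 0x02,0x00, 0x0f,0x00 };

int main(void)
{
    struct bpdu_config c;  /* exit 0: full frame accepted, 20-byte cut dropped */
    return !(parse_bpdu(sample_bpdu, sizeof sample_bpdu, &c) == 1 &&
             parse_bpdu(sample_bpdu, 20, &c) == -1);
}
```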

<*Source: Red Hat Security Advisory
  
  Link: https://www.redhat.com/support/errata/RHSA-2003-238.html
*>

Recommendation:
Vendor patches:

RedHat
------
RedHat has released a security advisory (RHSA-2003:238-01) and corresponding patches for this issue:
RHSA-2003:238-01: Updated 2.4 kernel fixes vulnerabilities
Link: https://www.redhat.com/support/errata/RHSA-2003-238.html

Patch downloads:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm

athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm

athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm

i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm

athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm

i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-19.7.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-19.8.src.rpm

athlon:
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.20-19.8.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.20-19.8.athlon.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.20-19.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-19.8.i386.rpm

i586:
ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.20-19.8.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.20-19.8.i586.rpm

i686:
ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.20-19.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.20-19.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-19.8.i686.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-19.9.src.rpm

athlon:
ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-19.9.athlon.rpm
ftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-19.9.athlon.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-19.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-19.9.i386.rpm

i586:
ftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-19.9.i586.rpm
ftp://updates.redhat.com/9/en/os/i586/kernel-smp-2.4.20-19.9.i586.rpm

i686:
ftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-19.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-19.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-19.9.i686.rpm



Checksums: the MD5 sums for the packages above are listed in the Red Hat advisory (RHSA-2003:238-01).


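This vulnerability entry was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.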