Sun Solaris自封装IP报文远程拒绝服务漏洞
时间:2008-09-25 09:12:18 魔新豆网
受影响系统:
Sun Solaris 9.0_x86
Sun Solaris 9.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 10_x86
Sun Solaris 10.0
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 28732
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。
Solaris处理自封装IP报文处理中的安全漏洞可能允许远程特权用户导致系统忙碌,能够导致系统忙碌是一种拒绝服务。
如果出现了上述漏洞,系统会变得忙碌,栈追踪类似于以下:
ip:ip_rput_local_options 0x2cc(, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_options_cksum 0x8c(0x6000bcac7f8, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_proto_input 0x8c(0x6000bcac7f8, 0x6000b0caa00, 0x6000ccbcab8,
0x6002b4acde8, 0x600042009a8)
ip:ip_proto_input 0xa34(, 0x6000b0caa00, 0x6000ccbcaa4, 0x6002b4acde8,
0x600042009a8)
ip:ip_fanout_proto_again 0x3ec(, 0x600042009a8, 0x600042009a8,
0x6002b4acde8)
ip:ip_proto_input 0xbf0(, 0x600107fca40, 0x6000ccbca94, 0x6002b4acde8,
0x600042009a8)
ip:ip_input 0x868(0x600042009a8, 0x600093b2040, 0x600107fca40, , ,
0xffffffff)
dls:soft_ring_drain 0x7c(0x60012a17d80, 0xffffffffffffffff, , , , 0x0)
dls:soft_ring_worker 0x64(0x60012a17d80, 0x0)
unix:thread_start 0x4()
<*来源:Sun Alert Notification
链接:http://secunia.com/advisories/29783/
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-235901)以及相应补丁:
Sun-Alert-235901:A Security Vulnerability in the Handling of Self Encapsulated IP Packets may Lead to a Denial of Service (DOS) Condition
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1
Sun Solaris 9.0_x86
Sun Solaris 9.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 10_x86
Sun Solaris 10.0
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 28732
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。
Solaris处理自封装IP报文处理中的安全漏洞可能允许远程特权用户导致系统忙碌,能够导致系统忙碌是一种拒绝服务。
如果出现了上述漏洞,系统会变得忙碌,栈追踪类似于以下:
ip:ip_rput_local_options 0x2cc(, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_options_cksum 0x8c(0x6000bcac7f8, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_proto_input 0x8c(0x6000bcac7f8, 0x6000b0caa00, 0x6000ccbcab8,
0x6002b4acde8, 0x600042009a8)
ip:ip_proto_input 0xa34(, 0x6000b0caa00, 0x6000ccbcaa4, 0x6002b4acde8,
0x600042009a8)
ip:ip_fanout_proto_again 0x3ec(, 0x600042009a8, 0x600042009a8,
0x6002b4acde8)
ip:ip_proto_input 0xbf0(, 0x600107fca40, 0x6000ccbca94, 0x6002b4acde8,
0x600042009a8)
ip:ip_input 0x868(0x600042009a8, 0x600093b2040, 0x600107fca40, , ,
0xffffffff)
dls:soft_ring_drain 0x7c(0x60012a17d80, 0xffffffffffffffff, , , , 0x0)
dls:soft_ring_worker 0x64(0x60012a17d80, 0x0)
unix:thread_start 0x4()
<*来源:Sun Alert Notification
链接:http://secunia.com/advisories/29783/
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-235901)以及相应补丁:
Sun-Alert-235901:A Security Vulnerability in the Handling of Self Encapsulated IP Packets may Lead to a Denial of Service (DOS) Condition
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1
本文标签:
读过此篇文章的网友还读过:
- KB2964358-IE"秘狐"安全漏洞修复后致使IE崩溃的解决方法介绍
- 映泰发布M200系列M.2 SSD:闪存采用BGA封装
- 编辑器代码逃逸漏洞 by蚊虫原创
- hzhost6.5 华众虚拟主机管理系统最新SQL漏洞(附漏洞补丁)
- Dedecms最新注入漏洞分析及修复方法
- 网站防范 "上传漏洞"入侵的方法
- php intval()函数使用不当的安全漏洞分析
- dedecms v5.6 GBK 注入漏洞利用(member/index.php)
- phpcms SQL注入漏洞 adsclass.php 页面过滤不严
- 文件上传漏洞全面渗透分析小结
- MS07-029漏洞利用入侵过程
- DedeCms注入漏洞 影响版本5.3、5.5Posted in php