欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  网络运营

Sun Solaris自封装IP报文远程拒绝服务漏洞

程序员文章站 2022-03-29 10:58:01
受影响系统: Sun Solaris 9.0_x86 Sun Solaris 9.0 Sun Solaris 8.0_x86 Sun Solaris 8.0 Sun Solaris 10_x86 Sun Solaris 10.0 描述: --------------------------... 08-10-08...
受影响系统:
sun solaris 9.0_x86
sun solaris 9.0
sun solaris 8.0_x86
sun solaris 8.0
sun solaris 10_x86
sun solaris 10.0
描述:
--------------------------------------------------------------------------------
bugtraq id: 28732

solaris是一款由sun开发和维护的商业性质unix操作系统。

solaris处理自封装ip报文处理中的安全漏洞可能允许远程特权用户导致系统忙碌,能够导致系统忙碌是一种拒绝服务。

如果出现了上述漏洞,系统会变得忙碌,栈追踪类似于以下:

ip:ip_rput_local_options 0x2cc(, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_options_cksum 0x8c(0x6000bcac7f8, 0x600107fca40, 0x6000ccbcab8,
0x6002b4acde8)
ip:ip_proto_input 0x8c(0x6000bcac7f8, 0x6000b0caa00, 0x6000ccbcab8,
0x6002b4acde8, 0x600042009a8)
ip:ip_proto_input 0xa34(, 0x6000b0caa00, 0x6000ccbcaa4, 0x6002b4acde8,
0x600042009a8)
ip:ip_fanout_proto_again 0x3ec(, 0x600042009a8, 0x600042009a8,
0x6002b4acde8)
ip:ip_proto_input 0xbf0(, 0x600107fca40, 0x6000ccbca94, 0x6002b4acde8,
0x600042009a8)
ip:ip_input 0x868(0x600042009a8, 0x600093b2040, 0x600107fca40, , ,
0xffffffff)
dls:soft_ring_drain 0x7c(0x60012a17d80, 0xffffffffffffffff, , , , 0x0)
dls:soft_ring_worker 0x64(0x60012a17d80, 0x0)
unix:thread_start 0x4()

<*来源:sun alert notification

链接:http://secunia.com/advisories/29783/
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1
*>

建议:
--------------------------------------------------------------------------------
厂商补丁:

sun
---
sun已经为此发布了一个安全公告(sun-alert-235901)以及相应补丁:
sun-alert-235901:a security vulnerability in the handling of self encapsulated ip packets may lead to a denial of service (dos) condition
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-235901-1