Linux 2.4 UDP IP验证漏洞
/ns/ld/unix/data/20020804013553.htm
Linux 2.4 UDP IP验证漏洞
翻译:晓澜 <emile_liao@163.net>
QQ: 42449970
http://www.unsecret.org
---------------------------------------------
受影响系统:
Linux kernel 2.4
Linux kernel 2.4.1
Linux kernel 2.4.2
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 i386
Linux kernel 2.4.3
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.0 ppc
Linux kernel 2.4.4
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.6
Linux kernel 2.4.7
+ RedHat Linux 7.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.2
Linux kernel 2.4.8
+ MandrakeSoft Linux Mandrake 8.1
Linux kernel 2.4.9
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 ia64
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.11
Linux kernel 2.4.12
Linux kernel 2.4.13
Linux kernel 2.4.14
Linux kernel 2.4.15
Linux kernel 2.4.16
Linux kernel 2.4.17
Linux kernel 2.4.18
漏洞描述:
Linux kernel 2.4的IP堆栈处理上存在识别漏洞。
UDP packets are transmitted with a constant IP Identification field of 0.
该漏洞可能导致泄漏服务器操作系统和内核版本。
参考:
http://online.securityfocus.com/archive/1/262840