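Vulnerability Details
Linux IPChains Fragment Overlap Vulnerability
Summary
IPChains in Linux kernels 2.2.10 and earlier contains a vulnerability. IPChains does not reassemble IP fragments before checking header information, which allows remote attackers to bypass filtering rules by using several fragments with an offset of 0.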
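A minimal sketch of the kind of length check a filter needs on offset-0 fragments, so that rules never match on transport header fields that are not fully present. This is an added example, not code from the kernel or the advisory; the function and enum names and the per-protocol byte thresholds are assumptions, and the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Illustrative verdict names; not taken from the kernel source. */
enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_TRUNCATED_FIRST };

/* Transport bytes a port/flag rule must see. Assumed thresholds:
 * TCP through the flags field, the UDP header, ICMP type and code. */
static size_t bytes_needed(uint8_t proto)
{
    switch (proto) {
    case 6:  return 16; /* TCP */
    case 17: return 8;  /* UDP */
    case 1:  return 4;  /* ICMP */
    default: return 0;  /* no transport fields inspected */
    }
}

/* Classify one IPv4 packet of len captured bytes before rule matching. */
enum frag_verdict check_first_fragment(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return FRAG_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t tot_len = ((size_t)pkt[2] << 8) | pkt[3];
    unsigned offset = (((unsigned)pkt[6] << 8) | pkt[7]) & 0x1fff;
    if (ihl < 20 || tot_len < ihl || tot_len > len)
        return FRAG_MALFORMED;
    if (offset != 0)
        return FRAG_OK; /* not a first fragment; outside this check */
    if (tot_len < ihl + bytes_needed(pkt[9]))
        return FRAG_TRUNCATED_FIRST; /* header fields would be incomplete */
    return FRAG_OK;
}

/* Constructed samples (documentation addresses from 192.0.2.0/24). */
const uint8_t sample_short[28] = { /* TCP, MF set, only 8 transport bytes */
    0x45,0,0,28, 0x12,0x34, 0x20,0, 64,6, 0,0, 192,0,2,1, 192,0,2,2,
    0x04,0x00, 0x00,0x50, 0,0,0,1 };
const uint8_t sample_full[40] = {  /* TCP, unfragmented, full 20-byte header */
    0x45,0,0,40, 0,1, 0,0, 64,6, 0,0, 192,0,2,1, 192,0,2,2,
    0x04,0x00, 0x00,0x50 };
```

A filter would drop or log packets classified as `FRAG_TRUNCATED_FIRST` before evaluating any port or flag rule.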
Vulnerability Advisory
This patch was provided with the DataProtect advisory posted to BugTraq on July 27, 1999. The solution was incorporated into the 2.2.11 kernel, released in August 1999. *** linux.old/net/ipv4/ip_fw.c Wed Jun 9 05:33:07 1999 --- linux/net/ipv4/ip_fw.c Fri Jul 23 19:20:45 1999 *************** *** 37,42 **** --- 37,45 ---- * 19-May-1999: Star Wars: The Phantom Menace opened. Rule num * printed in log (modified from Michael Hasenstein's patch). * Added SYN in log message. --RR + * 23-Jul-1999: Fixed small fragment security exposure opened on 15-May-1998. + * John McDonald + * Thomas Lopatic */ /* *************** *** 644,650 **** default: size_req = 0; } ! offset = (ntohs(ip->tot_len) ihlsaddr; --- 647,666 ---- default: size_req = 0; } ! ! /* If it is a truncated first fragment then it can be ! * used to rewrite port information, and thus should ! * be blocked. ! */ ! ! if (ntohs(ip->tot_len) ihlsaddr;
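Review bot: In the changelog hunk, the new 23-Jul-1999 entry dates the exposure to 15-May-1998 but does not say which earlier change introduced it. Name that change in the entry so a reader of the header comment can tell which behaviour this fix tightens.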
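Review bot: In the hunk that replaces the old `offset = (ntohs(ip->tot_len) ...` line, the new comment says a truncated first fragment "should be blocked" but does not state the length it is measured against, and the `default:` case just above leaves `size_req = 0`, so it is unclear from the comment whether protocols that fall into `default:` get any minimum-length check. Suggest the comment spell out the threshold per protocol and say whether a blocked fragment is logged.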
References
- Source: BID; Name: 543; Link: http://www.securityfocus.com/bid/543
- Source: BUGTRAQ; Name: 19990727 Linux 2.2.10 ipchains Advisory; Link: http://marc.theaimsgroup.com/?l=bugtraq&m=93312523904591&w=2
Affected Entities
- Linux Linux_kernel:2.2.0
- Linux Linux_kernel:2.2.10
Patch
None available