| CNNVD-ID编号 | CNNVD-200602-080 |
| CVE编号 | CVE-2006-0454 |
| 发布时间 | 2006-02-07 |
| 更新时间 | 2006-04-28 |
| 漏洞类型 | 资源管理错误 |
| 漏洞来源 | The vendor disclosed this issue. |
| 危险等级 | 中危 |
| 威胁类型 | 远程 |
| 厂 商 | linux |
Linux Kernel 2.6.12到2.6.15.3版本中,若icmp.c中的ip_options_echo功能故障,则无法正确在icmp_send中构建ICMP响应。远程攻击者可以借助向量,如设置了needaddr位以及具有截断值的(1) record-route和(2)IP时间戳选项,来造成拒绝服务(崩溃)。
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
S.u.S.E. Linux Professional 10.0
SuSE kernel-default-2.6.13-15.8.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2. 6.13-15.8.ppc.rpm
SuSE kernel-default-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -2.6.13-15.8.x86_64.rpm
SuSE kernel-default-nongpl-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -nongpl-2.6.13-15.8.x86_64.rpm
SuSE kernel-iseries64-2.6.13-15.8.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-iseries64- 2.6.13-15.8.ppc.rpm
SuSE kernel-ppc64-2.6.13-15.8.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-ppc64-2.6. 13-15.8.ppc.rpm
SuSE kernel-smp-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-2.6 .13-15.8.x86_64.rpm
SuSE kernel-smp-nongpl-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-non gpl-2.6.13-15.8.x86_64.rpm
SuSE kernel-source-2.6.13-15.8.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-source-2.6 .13-15.8.ppc.rpm
SuSE kernel-source-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-source- 2.6.13-15.8.x86_64.rpm
SuSE kernel-syms-2.6.13-15.8.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-syms-2.6.1 3-15.8.ppc.rpm
SuSE kernel-syms-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-syms-2. 6.13-15.8.x86_64.rpm
SuSE kernel-xen-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-2.6 .13-15.8.x86_64.rpm
SuSE kernel-xen-nongpl-2.6.13-15.8.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-non gpl-2.6.13-15.8.x86_64.rpm
SuSE xen-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-3.0_8259-0 .1.x86_64.rpm
SuSE xen-devel-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-devel-3.0_ 8259-0.1.x86_64.rpm
SuSE xen-doc-html-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-html-3 .0_8259-0.1.x86_64.rpm
SuSE xen-doc-pdf-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-pdf-3. 0_8259-0.1.x86_64.rpm
SuSE xen-doc-ps-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-ps-3.0 _8259-0.1.x86_64.rpm
SuSE xen-tools-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-3.0_ 8259-0.1.x86_64.rpm
SuSE xen-tools-ioemu-3.0_8259-0.1.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-ioem u-3.0_8259-0.1.x86_64.rpm
Linux kernel 2.6 -test6
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 -test4
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 -test2
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 -test11
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 -test9-CVS
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 -test3
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
Linux kernel 2.6 .10
Linux linux-2.6.15.3.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
来源: BID
名称: 16532
来源: FEDORA
名称: FLSA:157459-4
链接:http://www.securityfocus.com/archive/1/archive/1/427981/100/0/threaded
来源: FEDORA
名称: FEDORA-2006-102
链接:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html
来源: SUSE
名称: SUSE-SA:2006:006
链接:http://www.novell.com/linux/security/advisories/2006_06_kernel.html
来源: VUPEN
名称: ADV-2006-0464
来源: SECUNIA
名称: 18861
来源: SECUNIA
名称: 18788
来源: SECUNIA
名称: 18784
来源: SECUNIA
名称: 18774
来源: SECUNIA
名称: 18766
来源: MLIST
名称: [dailydave] 20060207 Fun with Linux (2.6.12 -> 2.6.15.2)
链接:http://lists.immunitysec.com/pipermail/dailydave/2006-February/002909.html
来源: UBUNTU
名称: USN-250-1
来源: TRUSTIX
名称: 2006-0006
来源: www.kernel.org
链接:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3
来源: MLIST
名称: [linux-kernel] 20060207 Re: Linux 2.6.15.3
链接:http://marc.theaimsgroup.com/?l=linux-kernel&m=113927648820694&w=2
来源: MLIST
名称: [linux-kernel] 20060207 Linux 2.6.15.3
链接:http://marc.theaimsgroup.com/?l=linux-kernel&m=113927617401569&w=2
来源: MANDRIVA
名称: MDKSA-2006:040
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:040
来源: XF
名称: kernel-icmp-ipoptionsecho-dos(24575)