Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4377
HistoryOct 31, 2008 - 12:00 a.m.

Linux Kernel proc_do_xprt()函数本地栈溢出漏洞

2008-10-3100:00:00
Root
www.seebug.org
11

0.0004 Low

EPSS

Percentile

5.7%

JSON

BUGTRAQ ID: 31937
CVE(CAN) ID: CVE-2008-3911

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的net/sunrpc/sysctl.c文件中的proc_do_xprt函数没有检查某些从用户域所获得缓冲区的长度,本地攻击者可以通过对/proc/sys/sunrpc/transports文件特制的读系统调用触发栈溢出,导致执行任意指令。

Linux kernel 2.6.26.3
Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.26.4.tar.bz2” target=“_blank”>http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.26.4.tar.bz2</a>

Related

cve 1
redhatcve 1
prion 1
ubuntucve 1
nessus 1
openvas 1
suse 1
cve
cve
CVE-2008-3911
2008-09-04 17:41:00
redhatcve
redhatcve
CVE-2008-3911
2015-10-30 10:14:14
prion
prion
Stack overflow
2008-09-04 17:41:00
ubuntucve
ubuntucve
CVE-2008-3911
2008-09-04 00:00:00
nessus
nessus
openSUSE Security Update : kernel (kernel-270)
2009-07-21 00:00:00
openvas
openvas
SuSE Update for kernel SUSE-SA:2008:053
2009-01-23 00:00:00
suse
suse
remote denial of service in kernel
2008-10-27 17:50:21

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for SSV:4377
cve1redhatcve1prion1ubuntucve1nessus1openvas1suse1