CVE-2005-0504
CVSS4.6
发布时间 :2005-03-14 00:00:00
修订时间 :2011-03-07 21:20:09
NMCOPS    

[原文]Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.


[CNNVD]Linux Kernel 缓冲区溢出漏洞(CNNVD-200503-096)

        
        Linux Kernel是开放源代码操作系统Linux的内核。
        Linux Kernel moxa驱动MoxaDriverIoctl函数存在缓冲区溢出,本地攻击者可以利用这个漏洞提升特权。
        问题存在于如下代码drivers/char/moxa.c:
        In MoxaDriverIoctl():
        > if(copy_from_user( &dltmp, argp, sizeof(struct dl_str)))
        > return -EFAULT;
         ^ dltmp.len 是由用户控制
        > if(dltmp.cardno < 0 || dltmp.cardno >= MAX_BOARDS)
        > return -EINVAL;
        >
        > switch(cmd)
        > {> case MOXA_LOAD_BIOS:
        > i = moxaloadbios(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        > return (i);
        > case MOXA_FIND_BOARD:
        > return moxafindcard(dltmp.cardno);
        > case MOXA_LOAD_C320B:
        > moxaload320b(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        > default: /* to keep gcc happy */
        > return (0);
        > case MOXA_LOAD_CODE:
        > i = moxaloadcode(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        在 moxaloadbios()中:
        >static int moxaloadbios(int cardno, unsigned char __user *tmp, int len)
        >{
        > void __iomem *baseAddr;
        > int i;
        >
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user没有进行任何长度检查
        > return -EFAULT;
        在 moxaloadcode()中:
        > static int moxaloadcode(int cardno, unsigned char __user *tmp, int len)
        > {
        > void __iomem *baseAddr, *ofsAddr;
        > int retval, port, i;
        >
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user没有进行任何长度检查
        > return -EFAULT;
        In moxaload320b():
        >static int moxaload320b(int cardno, unsigned char __user *tmp, int len)
        >{
        > void __iomem *baseAddr;
        > int i;
        >
        > if(len > sizeof(moxaBuff))
         ^ signed int只有一个上界检查
        > return -EINVAL;
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user的len可能大于sizeof(moxaBuff)
        > return -EFAULT;
        攻击者可以控制长度值造成缓冲区溢出,精心构建提交数据可能以提升特权。
        

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-119 [内存缓冲区边界内操作的限制不恰当]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.5.42Linux Kernel 2.5.42
cpe:/o:linux:linux_kernel:2.3.99:pre6Linux Kernel 2.3.99 pre6
cpe:/o:linux:linux_kernel:2.5.35Linux Kernel 2.5.35
cpe:/o:linux:linux_kernel:2.3.99:pre3Linux Kernel 2.3.99 pre3
cpe:/o:linux:linux_kernel:2.5.66Linux Kernel 2.5.66
cpe:/o:linux:linux_kernel:2.5.58Linux Kernel 2.5.58
cpe:/o:linux:linux_kernel:2.2.3Linux Kernel 2.2.3
cpe:/o:linux:linux_kernel:2.5.26Linux Kernel 2.5.26
cpe:/o:linux:linux_kernel:2.2.10Linux Kernel 2.2.10
cpe:/o:linux:linux_kernel:2.6.0:test11Linux Kernel 2.6 test11
cpe:/o:linux:linux_kernel:2.2.14Linux Kernel 2.2.14
cpe:/o:linux:linux_kernel:2.5.4Linux Kernel 2.5.4
cpe:/o:linux:linux_kernel:2.3.99Linux Kernel 2.3.99
cpe:/o:linux:linux_kernel:2.5.20Linux Kernel 2.5.20
cpe:/o:linux:linux_kernel:2.3.99:pre4Linux Kernel 2.3.99 pre4
cpe:/o:linux:linux_kernel:2.4.29:rc2Linux Kernel 2.4.29 rc2
cpe:/o:linux:linux_kernel:2.5.56Linux Kernel 2.5.56
cpe:/o:linux:linux_kernel:2.4.12Linux Kernel 2.4.12
cpe:/o:linux:linux_kernel:2.4.0:test8Linux Kernel 2.4.0 test8
cpe:/o:linux:linux_kernel:2.5.65Linux Kernel 2.5.65
cpe:/o:linux:linux_kernel:2.2.7Linux Kernel 2.2.7
cpe:/o:linux:linux_kernel:2.5.0Linux Kernel 2.5.0
cpe:/o:linux:linux_kernel:2.4.19:pre3Linux Kernel 2.4.19 pre3
cpe:/o:linux:linux_kernel:2.4.23_ow2
cpe:/o:linux:linux_kernel:2.2.18Linux Kernel 2.2.18
cpe:/o:linux:linux_kernel:2.5.57Linux Kernel 2.5.57
cpe:/o:linux:linux_kernel:2.2.2Linux Kernel 2.2.2
cpe:/o:linux:linux_kernel:2.4.0:test10Linux Kernel 2.4.0 test10
cpe:/o:linux:linux_kernel:2.5.63Linux Kernel 2.5.63
cpe:/o:linux:linux_kernel:2.6.8:rc3Linux Kernel 2.6.8 Release Candidate 3
cpe:/o:linux:linux_kernel:2.4.4Linux Kernel 2.4.4
cpe:/o:linux:linux_kernel:2.4.13Linux Kernel 2.4.13
cpe:/o:linux:linux_kernel:2.5.28Linux Kernel 2.5.28
cpe:/o:linux:linux_kernel:2.5.62Linux Kernel 2.5.62
cpe:/o:linux:linux_kernel:2.4.19:pre4Linux Kernel 2.4.19 pre4
cpe:/o:linux:linux_kernel:2.5.49Linux Kernel 2.5.49
cpe:/o:linux:linux_kernel:2.4.27:pre4Linux Kernel 2.4.27 pre4
cpe:/o:linux:linux_kernel:2.4.0:test4Linux Kernel 2.4.0 test4
cpe:/o:linux:linux_kernel:2.6.1:rc1Linux Kernel 2.6.1 Release Candidate 1
cpe:/o:linux:linux_kernel:2.2.1Linux Kernel 2.2.1
cpe:/o:linux:linux_kernel:2.5.3Linux Kernel 2.5.3
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.5.46Linux Kernel 2.5.46
cpe:/o:linux:linux_kernel:2.3.99:pre5Linux Kernel 2.3.99 pre5
cpe:/o:linux:linux_kernel:2.6.0:test8Linux Kernel 2.6 test8
cpe:/o:linux:linux_kernel:2.4.19:pre5Linux Kernel 2.4.19 pre5
cpe:/o:linux:linux_kernel:2.6.0:test10Linux Kernel 2.6 test10
cpe:/o:linux:linux_kernel:2.2.11Linux Kernel 2.2.11
cpe:/o:linux:linux_kernel:2.4.0:test6Linux Kernel 2.4.0 test6
cpe:/o:linux:linux_kernel:2.5.60Linux Kernel 2.5.60
cpe:/o:linux:linux_kernel:2.5.44Linux Kernel 2.5.44
cpe:/o:linux:linux_kernel:2.5.59Linux Kernel 2.5.59
cpe:/o:linux:linux_kernel:2.5.9Linux Kernel 2.5.9
cpe:/o:linux:linux_kernel:2.5.6Linux Kernel 2.5.6
cpe:/o:linux:linux_kernel:2.4.1Linux Kernel 2.4.1
cpe:/o:linux:linux_kernel:2.5.22Linux Kernel 2.5.22
cpe:/o:linux:linux_kernel:2.5.14Linux Kernel 2.5.14
cpe:/o:linux:linux_kernel:2.5.24Linux Kernel 2.5.24
cpe:/o:linux:linux_kernel:2.3.99:pre2Linux Kernel 2.3.99 pre2
cpe:/o:linux:linux_kernel:2.4.10Linux Kernel 2.4.10
cpe:/o:linux:linux_kernel:2.4.18:pre5Linux Kernel 2.4.18 pre5
cpe:/o:linux:linux_kernel:2.2.25Linux Kernel 2.2.25
cpe:/o:linux:linux_kernel:2.6.0:test5Linux Kernel 2.6 test5
cpe:/o:linux:linux_kernel:2.5.2Linux Kernel 2.5.2
cpe:/o:linux:linux_kernel:2.5.10Linux Kernel 2.5.10
cpe:/o:linux:linux_kernel:2.5.55Linux Kernel 2.5.55
cpe:/o:linux:linux_kernel:2.4.19:pre6Linux Kernel 2.4.19 pre6
cpe:/o:linux:linux_kernel:2.4.0:test7Linux Kernel 2.4.0 test7
cpe:/o:linux:linux_kernel:2.5.1Linux Kernel 2.5.1
cpe:/o:linux:linux_kernel:2.4.21:pre1Linux Kernel 2.4.21 pre1
cpe:/o:linux:linux_kernel:2.5.29Linux Kernel 2.5.29
cpe:/o:linux:linux_kernel:2.6.0:test7Linux Kernel 2.6 test7
cpe:/o:linux:linux_kernel:2.4.5Linux Kernel 2.4.5
cpe:/o:linux:linux_kernel:2.5.7Linux Kernel 2.5.7
cpe:/o:linux:linux_kernel:2.3.0Linux Kernel 2.3
cpe:/o:linux:linux_kernel:2.5.36Linux Kernel 2.5.36
cpe:/o:linux:linux_kernel:2.4.18:pre7Linux Kernel 2.4.18 pre7
cpe:/o:linux:linux_kernel:2.5.41Linux Kernel 2.5.41
cpe:/o:linux:linux_kernel:2.4.2Linux Kernel 2.4.2
cpe:/o:linux:linux_kernel:2.4.0:test11Linux Kernel 2.4.0 test11
cpe:/o:linux:linux_kernel:2.5.13Linux Kernel 2.5.13
cpe:/o:linux:linux_kernel:2.2.15:pre16Linux Kernel 2.2.15 pre16
cpe:/o:linux:linux_kernel:2.4.27:pre1Linux Kernel 2.4.27 pre1
cpe:/o:linux:linux_kernel:2.2.24Linux Kernel 2.2.24
cpe:/o:linux:linux_kernel:2.5.34Linux Kernel 2.5.34
cpe:/o:linux:linux_kernel:2.2.9Linux Kernel 2.2.9
cpe:/o:linux:linux_kernel:2.2.22Linux Kernel 2.2.22
cpe:/o:linux:linux_kernel:2.6.4Linux Kernel 2.6.4
cpe:/o:linux:linux_kernel:2.2.15Linux Kernel 2.2.15
cpe:/o:linux:linux_kernel:2.5.61Linux Kernel 2.5.61
cpe:/o:linux:linux_kernel:2.4.18:pre4Linux Kernel 2.4.18 pre4
cpe:/o:linux:linux_kernel:2.4.11Linux Kernel 2.4.11
cpe:/o:linux:linux_kernel:2.5.64Linux Kernel 2.5.64
cpe:/o:linux:linux_kernel:2.4.18:pre8Linux Kernel 2.4.18 pre8
cpe:/o:linux:linux_kernel:2.5.11Linux Kernel 2.5.11
cpe:/o:linux:linux_kernel:2.4.19Linux Kernel 2.4.19
cpe:/o:linux:linux_kernel:2.2.21Linux Kernel 2.2.21
cpe:/o:linux:linux_kernel:2.2.5Linux Kernel 2.2.5
cpe:/o:linux:linux_kernel:2.2.8Linux Kernel 2.2.8
cpe:/o:linux:linux_kernel:2.4.21:pre4Linux Kernel 2.4.21 pre4
cpe:/o:linux:linux_kernel:2.4.9Linux Kernel 2.4.9
cpe:/o:linux:linux_kernel:2.5.8Linux Kernel 2.5.8
cpe:/o:linux:linux_kernel:2.4.18Linux Kernel 2.4.18
cpe:/o:linux:linux_kernel:2.4.8Linux Kernel 2.4.8
cpe:/o:linux:linux_kernel:2.4.0:test5Linux Kernel 2.4.0 test5
cpe:/o:linux:linux_kernel:2.6.2Linux Kernel 2.6.2
cpe:/o:linux:linux_kernel:2.4.19:pre1Linux Kernel 2.4.19 pre1
cpe:/o:linux:linux_kernel:2.4.18:pre2Linux Kernel 2.4.18 pre2
cpe:/o:linux:linux_kernel:2.6.10Linux Kernel 2.6.10
cpe:/o:linux:linux_kernel:2.6.21:rc7Linux Kernel 2.6.21 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.6Linux Kernel 2.6.6
cpe:/o:linux:linux_kernel:2.4.0Linux Kernel 2.4.0
cpe:/o:linux:linux_kernel:2.5.53Linux Kernel 2.5.53
cpe:/o:linux:linux_kernel:2.5.43Linux Kernel 2.5.43
cpe:/o:linux:linux_kernel:2.5.51Linux Kernel 2.5.51
cpe:/o:linux:linux_kernel:2.6.0:test2Linux Kernel 2.6 test2
cpe:/o:linux:linux_kernel:2.5.54Linux Kernel 2.5.54
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.4.27Linux Kernel 2.4.27
cpe:/o:linux:linux_kernel:2.5.27Linux Kernel 2.5.27
cpe:/o:linux:linux_kernel:2.4.24_ow1
cpe:/o:linux:linux_kernel:2.5.15Linux Kernel 2.5.15
cpe:/o:linux:linux_kernel:2.4.23:pre9Linux Kernel 2.4.23 pre9
cpe:/o:linux:linux_kernel:2.4.0:test3Linux Kernel 2.4.0 test3
cpe:/o:linux:linux_kernel:2.6.0:test1Linux Kernel 2.6 test1
cpe:/o:linux:linux_kernel:2.6.9:2.6.20
cpe:/o:linux:linux_kernel:2.6.0:test6Linux Kernel 2.6 test6
cpe:/o:linux:linux_kernel:2.2.13Linux Kernel 2.2.13
cpe:/o:linux:linux_kernel:2.2.16Linux Kernel 2.2.16
cpe:/o:linux:linux_kernel:2.5.21Linux Kernel 2.5.21
cpe:/o:linux:linux_kernel:2.5.69Linux Kernel 2.5.69
cpe:/o:linux:linux_kernel:2.4.3Linux Kernel 2.4.3
cpe:/o:linux:linux_kernel:2.5.40Linux Kernel 2.5.40
cpe:/o:linux:linux_kernel:2.4.23Linux Kernel 2.4.23
cpe:/o:linux:linux_kernel:2.2.23Linux Kernel 2.2.23
cpe:/o:linux:linux_kernel:2.2.16:pre6Linux Kernel 2.2.16 pre6
cpe:/o:linux:linux_kernel:2.4.0:test1Linux Kernel 2.4.0 test1
cpe:/o:linux:linux_kernel:2.5.30Linux Kernel 2.5.30
cpe:/o:linux:linux_kernel:2.4.27:pre2Linux Kernel 2.4.27 pre2
cpe:/o:linux:linux_kernel:2.4.0:test12Linux Kernel 2.4.0 test12
cpe:/o:linux:linux_kernel:2.4.0:test2Linux Kernel 2.4.0 test2
cpe:/o:linux:linux_kernel:2.5.16Linux Kernel 2.5.16
cpe:/o:linux:linux_kernel:2.4.18:pre1Linux Kernel 2.4.18 pre1
cpe:/o:linux:linux_kernel:2.2.17Linux Kernel 2.2.17
cpe:/o:linux:linux_kernel:2.4.20Linux Kernel 2.4.20
cpe:/o:linux:linux_kernel:2.4.27:pre5Linux Kernel 2.4.27 pre5
cpe:/o:linux:linux_kernel:2.6.1:rc2Linux Kernel 2.6.1 Release Candidate 2
cpe:/o:linux:linux_kernel:2.4.21:pre7Linux Kernel 2.4.21 pre7
cpe:/o:linux:linux_kernel:2.5.47Linux Kernel 2.5.47
cpe:/o:linux:linux_kernel:2.6.0:test4Linux Kernel 2.6 test4
cpe:/o:linux:linux_kernel:2.4.22Linux Kernel 2.4.22
cpe:/o:linux:linux_kernel:2.6.6:rc1Linux Kernel 2.6.6 Release Candidate 1
cpe:/o:linux:linux_kernel:2.3.99:pre1Linux Kernel 2.3.99 pre1
cpe:/o:linux:linux_kernel:2.6.3Linux Kernel 2.6.3
cpe:/o:linux:linux_kernel:2.2.20Linux Kernel 2.2.20
cpe:/o:linux:linux_kernel:2.5.39Linux Kernel 2.5.39
cpe:/o:linux:linux_kernel:2.5.67Linux Kernel 2.5.67
cpe:/o:linux:linux_kernel:2.2.0Linux Kernel 2.2
cpe:/o:linux:linux_kernel:2.4.21Linux Kernel 2.4.21
cpe:/o:linux:linux_kernel:2.4.25Linux Kernel 2.4.25
cpe:/o:linux:linux_kernel:2.3.99:pre7Linux Kernel 2.3.99 pre7
cpe:/o:linux:linux_kernel:2.5.18Linux Kernel 2.5.18
cpe:/o:linux:linux_kernel:2.5.23Linux Kernel 2.5.23
cpe:/o:linux:linux_kernel:2.6.7:rc1Linux Kernel 2.6.7 Release Candidate 1
cpe:/o:linux:linux_kernel:2.4.17Linux Kernel 2.4.17
cpe:/o:linux:linux_kernel:2.4.14Linux Kernel 2.4.14
cpe:/o:linux:linux_kernel:2.2.12Linux Kernel 2.2.12
cpe:/o:linux:linux_kernel:2.6.0:test9Linux Kernel 2.6 test9
cpe:/o:linux:linux_kernel:2.5.31Linux Kernel 2.5.31
cpe:/o:linux:linux_kernel:2.4.28Linux Kernel 2.4.28
cpe:/o:linux:linux_kernel:2.5.32Linux Kernel 2.5.32
cpe:/o:linux:linux_kernel:2.5.37Linux Kernel 2.5.37
cpe:/o:linux:linux_kernel:2.4.27:pre3Linux Kernel 2.4.27 pre3
cpe:/o:linux:linux_kernel:2.4.18:pre3Linux Kernel 2.4.18 pre3
cpe:/o:linux:linux_kernel:2.5.45Linux Kernel 2.5.45
cpe:/o:linux:linux_kernel:2.4.19:pre2Linux Kernel 2.4.19 pre2
cpe:/o:linux:linux_kernel:2.5.17Linux Kernel 2.5.17
cpe:/o:linux:linux_kernel:2.2.6Linux Kernel 2.2.6
cpe:/o:linux:linux_kernel:2.4.18::x86
cpe:/o:linux:linux_kernel:2.5.12Linux Kernel 2.5.12
cpe:/o:linux:linux_kernel:2.6.5Linux Kernel 2.6.5
cpe:/o:linux:linux_kernel:2.6.7Linux Kernel 2.6.7
cpe:/o:linux:linux_kernel:2.4.0:test9Linux Kernel 2.4.0 test9
cpe:/o:linux:linux_kernel:2.5.38Linux Kernel 2.5.38
cpe:/o:linux:linux_kernel:2.6_test9_cvs
cpe:/o:linux:linux_kernel:2.4.16Linux Kernel 2.4.16
cpe:/o:linux:linux_kernel:2.4.6Linux Kernel 2.4.6
cpe:/o:linux:linux_kernel:2.5.48Linux Kernel 2.5.48
cpe:/o:linux:linux_kernel:2.4.24Linux Kernel 2.4.24
cpe:/o:linux:linux_kernel:2.2.15_pre20
cpe:/o:linux:linux_kernel:2.4.7Linux Kernel 2.4.7
cpe:/o:linux:linux_kernel:2.5.33Linux Kernel 2.5.33
cpe:/o:linux:linux_kernel:2.5.50Linux Kernel 2.5.50
cpe:/o:linux:linux_kernel:2.6.8:rc2Linux Kernel 2.6.8 Release Candidate 2
cpe:/o:linux:linux_kernel:2.5.19Linux Kernel 2.5.19
cpe:/o:linux:linux_kernel:2.6.10:rc2Linux Kernel 2.6.10 Release Candidate 2
cpe:/o:linux:linux_kernel:2.4.18:pre6Linux Kernel 2.4.18 pre6
cpe:/o:linux:linux_kernel:2.5.52Linux Kernel 2.5.52
cpe:/o:linux:linux_kernel:2.5.68Linux Kernel 2.5.68
cpe:/o:linux:linux_kernel:2.2.19Linux Kernel 2.2.19
cpe:/o:linux:linux_kernel:2.5.25Linux Kernel 2.5.25
cpe:/o:linux:linux_kernel:2.6.8:rc1Linux Kernel 2.6.8 Release Candidate 1
cpe:/o:linux:linux_kernel:2.5.5Linux Kernel 2.5.5
cpe:/o:linux:linux_kernel:2.4.26Linux Kernel 2.4.26
cpe:/o:linux:linux_kernel:2.6.0:test3Linux Kernel 2.6 test3
cpe:/o:linux:linux_kernel:2.6.8Linux Kernel 2.6.8
cpe:/o:linux:linux_kernel:2.2.4Linux Kernel 2.2.4
cpe:/o:linux:linux_kernel:2.4.15Linux Kernel 2.4.15

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9770Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows lo...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0504
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0504
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200503-096
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/12195
(VENDOR_ADVISORY)  BID  12195
http://www.vupen.com/english/advisories/2005/1878
(UNKNOWN)  VUPEN  ADV-2005-1878
http://www.ubuntu.com/usn/usn-508-1
(UNKNOWN)  UBUNTU  USN-508-1
http://www.redhat.com/support/errata/RHSA-2005-663.html
(UNKNOWN)  REDHAT  RHSA-2005:663
http://www.redhat.com/support/errata/RHSA-2005-551.html
(UNKNOWN)  REDHAT  RHSA-2005:551
http://www.redhat.com/support/errata/RHSA-2005-529.html
(UNKNOWN)  REDHAT  RHSA-2005:529
http://www.debian.org/security/2006/dsa-1082
(UNKNOWN)  DEBIAN  DSA-1082
http://www.debian.org/security/2006/dsa-1070
(UNKNOWN)  DEBIAN  DSA-1070
http://www.debian.org/security/2006/dsa-1069
(UNKNOWN)  DEBIAN  DSA-1069
http://www.debian.org/security/2006/dsa-1067
(UNKNOWN)  DEBIAN  DSA-1067
http://securitytracker.com/id?1013273
(UNKNOWN)  SECTRACK  1013273
http://secunia.com/advisories/30112
(UNKNOWN)  SECUNIA  30112
http://secunia.com/advisories/26651
(VENDOR_ADVISORY)  SECUNIA  26651
http://secunia.com/advisories/20338
(VENDOR_ADVISORY)  SECUNIA  20338
http://secunia.com/advisories/20202
(UNKNOWN)  SECUNIA  20202
http://secunia.com/advisories/20163
(VENDOR_ADVISORY)  SECUNIA  20163
http://secunia.com/advisories/17002
(VENDOR_ADVISORY)  SECUNIA  17002
http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html
(UNKNOWN)  FULLDISC  20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
(UNKNOWN)  CONFIRM  http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://www.redhat.com/support/errata/RHSA-2008-0237.html
(UNKNOWN)  REDHAT  RHSA-2008:0237

- 漏洞信息

Linux Kernel 缓冲区溢出漏洞
中危 缓冲区溢出
2005-03-14 00:00:00 2007-05-16 00:00:00
本地  
        
        Linux Kernel是开放源代码操作系统Linux的内核。
        Linux Kernel moxa驱动MoxaDriverIoctl函数存在缓冲区溢出,本地攻击者可以利用这个漏洞提升特权。
        问题存在于如下代码drivers/char/moxa.c:
        In MoxaDriverIoctl():
        > if(copy_from_user( &dltmp, argp, sizeof(struct dl_str)))
        > return -EFAULT;
         ^ dltmp.len 是由用户控制
        > if(dltmp.cardno < 0 || dltmp.cardno >= MAX_BOARDS)
        > return -EINVAL;
        >
        > switch(cmd)
        > {> case MOXA_LOAD_BIOS:
        > i = moxaloadbios(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        > return (i);
        > case MOXA_FIND_BOARD:
        > return moxafindcard(dltmp.cardno);
        > case MOXA_LOAD_C320B:
        > moxaload320b(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        > default: /* to keep gcc happy */
        > return (0);
        > case MOXA_LOAD_CODE:
        > i = moxaloadcode(dltmp.cardno, dltmp.buf, dltmp.len);
         ^ 调用时没有任何长度检查
        在 moxaloadbios()中:
        >static int moxaloadbios(int cardno, unsigned char __user *tmp, int len)
        >{
        > void __iomem *baseAddr;
        > int i;
        >
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user没有进行任何长度检查
        > return -EFAULT;
        在 moxaloadcode()中:
        > static int moxaloadcode(int cardno, unsigned char __user *tmp, int len)
        > {
        > void __iomem *baseAddr, *ofsAddr;
        > int retval, port, i;
        >
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user没有进行任何长度检查
        > return -EFAULT;
        In moxaload320b():
        >static int moxaload320b(int cardno, unsigned char __user *tmp, int len)
        >{
        > void __iomem *baseAddr;
        > int i;
        >
        > if(len > sizeof(moxaBuff))
         ^ signed int只有一个上界检查
        > return -EINVAL;
        > if(copy_from_user(moxaBuff, tmp, len))
         ^ copy_from_user的len可能大于sizeof(moxaBuff)
        > return -EFAULT;
        攻击者可以控制长度值造成缓冲区溢出,精心构建提交数据可能以提升特权。
        

- 公告与补丁

        厂商补丁:
        Linux
        -----
        grsecurity linux 2.1.0已经修正此问题:
        
        http://grsecurity.net/~spender/exploits_and_patches.tgz

- 漏洞信息 (F58999)

Ubuntu Security Notice 508-1 (PacketStormID:F58999)
2007-09-01 00:00:00
Ubuntu  security.ubuntu.com
advisory,kernel,vulnerability
linux,ubuntu
CVE-2005-0504,CVE-2007-2242,CVE-2007-3104,CVE-2007-3105,CVE-2007-3848,CVE-2007-4308
[点击下载]

Ubuntu Security Notice 508-1 - A slew of vulnerabilities have been patched for the Linux 2.6 kernel.

=========================================================== 
Ubuntu Security Notice USN-508-1            August 31, 2007
linux-source-2.6.15 vulnerabilities
CVE-2005-0504, CVE-2007-2242, CVE-2007-3104, CVE-2007-3105,
CVE-2007-3848, CVE-2007-4308
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  linux-image-2.6.15-29-386                    2.6.15-29.58
  linux-image-2.6.15-29-686                    2.6.15-29.58
  linux-image-2.6.15-29-amd64-generic          2.6.15-29.58
  linux-image-2.6.15-29-amd64-k8               2.6.15-29.58
  linux-image-2.6.15-29-amd64-server           2.6.15-29.58
  linux-image-2.6.15-29-amd64-xeon             2.6.15-29.58
  linux-image-2.6.15-29-hppa32                 2.6.15-29.58
  linux-image-2.6.15-29-hppa32-smp             2.6.15-29.58
  linux-image-2.6.15-29-hppa64                 2.6.15-29.58
  linux-image-2.6.15-29-hppa64-smp             2.6.15-29.58
  linux-image-2.6.15-29-itanium                2.6.15-29.58
  linux-image-2.6.15-29-itanium-smp            2.6.15-29.58
  linux-image-2.6.15-29-k7                     2.6.15-29.58
  linux-image-2.6.15-29-mckinley               2.6.15-29.58
  linux-image-2.6.15-29-mckinley-smp           2.6.15-29.58
  linux-image-2.6.15-29-powerpc                2.6.15-29.58
  linux-image-2.6.15-29-powerpc-smp            2.6.15-29.58
  linux-image-2.6.15-29-powerpc64-smp          2.6.15-29.58
  linux-image-2.6.15-29-server                 2.6.15-29.58
  linux-image-2.6.15-29-server-bigiron         2.6.15-29.58
  linux-image-2.6.15-29-sparc64                2.6.15-29.58
  linux-image-2.6.15-29-sparc64-smp            2.6.15-29.58

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-386,
linux-powerpc, linux-amd64-generic), a standard system upgrade will
automatically perform this as well.

Details follow:

A buffer overflow was discovered in the Moxa serial driver.  Local
attackers could execute arbitrary code and gain root privileges.
(CVE-2005-0504)

A flaw was discovered in the IPv6 stack's handling of type 0 route headers.
By sending a specially crafted IPv6 packet, a remote attacker could cause
a denial of service between two IPv6 hosts. (CVE-2007-2242)

A flaw in the sysfs_readdir function allowed a local user to cause a
denial of service by dereferencing a NULL pointer. (CVE-2007-3104)

A buffer overflow was discovered in the random number generator.  In
environments with granular assignment of root privileges, a local attacker
could gain additional privileges. (CVE-2007-3105)

It was discovered that certain setuid-root processes did not correctly
reset process death signal handlers.  A local user could manipulate this
to send signals to processes they would not normally have access to.
(CVE-2007-3848)

It was discovered that the aacraid SCSI driver did not correctly check
permissions on certain ioctls.  A local attacker could cause a denial
of service or gain privileges. (CVE-2007-4308)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-29.58.diff.gz
      Size/MD5:  2945031 ee34acfe1b9234bd7fbf634bcd009030
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-29.58.dsc
      Size/MD5:     2374 1bc5afcd2d9af736ec69ed12298128f9
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15.orig.tar.gz
      Size/MD5: 57403387 88ab0747cb8c2ceed662e0fd1b27d81d

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-doc-2.6.15_2.6.15-29.58_all.deb
      Size/MD5:  5163074 35051d675496a8dd547c5d105c1a3873
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-kernel-devel_2.6.15-29.58_all.deb
      Size/MD5:    91570 866be3de4f3464f1dba70b24305c6022
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-29.58_all.deb
      Size/MD5: 44727080 069f11ada37d117122813930c7ac6f0d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    22346 3f80d31c3b25d9f4cbf571f895ab1743
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    44770 4b5ebea6ef04bd212cab5191226222bb
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:     2308 43bd99a5fffda21dd4994a0c7d5f218e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    36246 ab1bdfa60ad73660f7a2a28fa6697423
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   102278 393b134578e5ecc09a71e1a3b6bfb406
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    38876 6122f5c2eadbeddbde10b4002cd57bde
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    49130 d4ddc63a80611e024fc362e42ba9a582
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   176696 dfe2d8151ad624e3fe0d6f982a0bdff7
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    36772 66d8b7dcdfc83f3d89bf14c32b364c35
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   142248 d403260502ec4c31e6f1e3feb9a42c7e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    51040 6e50e141c85c576014ad7ba42a49575d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   140608 57674bcb7d32655199ccf2ed595d61b5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   286886 a3f730ab234abde3cd0893703abeea13
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    97796 ce1748513f251f9af18096d269c4a1f5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:  1650870 e536da20900db6cb75ba1258ad7dd7a1
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-amd64-generic_2.6.15-29.58_amd64.deb
      Size/MD5:   868270 69af68c8fd513951afd28653358fb13d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-amd64-k8_2.6.15-29.58_amd64.deb
      Size/MD5:   864762 fa4a0ff7122f0878d34c125b6f5f4be4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-amd64-server_2.6.15-29.58_amd64.deb
      Size/MD5:   870592 704e380eff4e2393062d1118ed732fe1
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-amd64-xeon_2.6.15-29.58_amd64.deb
      Size/MD5:   866626 9f00b470a4155f7a01d6adc2b971b952
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29_2.6.15-29.58_amd64.deb
      Size/MD5:  6915646 1222764a29ce05a6b5b5efb511d7a402
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-amd64-generic_2.6.15-29.58_amd64.deb
      Size/MD5: 20802608 5854deb635166bb3651e5644dfe1c340
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-amd64-k8_2.6.15-29.58_amd64.deb
      Size/MD5: 20778102 573ab205d36f9cb19b4fdfe98d7f01de
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-amd64-server_2.6.15-29.58_amd64.deb
      Size/MD5: 21623610 7ee3cd367f1f8f2936969731beb6523e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-amd64-xeon_2.6.15-29.58_amd64.deb
      Size/MD5: 19888932 63328ebbeb65925a9a21eecde218daf3
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    15628 91296e1d41c02302d1af870c599a9706
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   240270 836dc583e8240c3b7853bcb04db5e0d4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   202550 2705f5fbe7278577f1d155cd3ef0293e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:  1048594 815da4e59e77c8066767786d232b2fbc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:  1486518 5e1b54efb8a72318880246889a05f984
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   161636 8b8476d38bc777f5da70f1e9ee4b7425
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:     9824 6a1855cf65983e19ce81ddf40f2e2f11
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    80854 ebf73103be723c92163bb4942caf4802
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    49168 440368883d28f2282dd6164d4b79d138
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    35156 5b1d2552f658ef61046a1fcac4cf3d4d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    70856 1682966047520222550b636b7362091e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:     6216 36ca65b5fb3c1f4ed194ba62d4481ccb
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:     9066 55e4a541a39994905b6d5fd19792af5f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    57876 1490e5587d1a61558d4365d07f47c459
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   123324 445b8bc759447188691444f60d2d6ff4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   100894 4e9ae77b10d5cbde3e11c773ff8ca40e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    79238 cd001bb6629aafc477718630961c0de5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:  1594706 0a6ff55d079bba90a9ea4610c43405d7
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    72288 b6e31470a0fc55cc5fc7940b5daa221b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    12648 fb71ed780ebd9f04d2f3e6ce027fe5cc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    33736 5e8c3e1d91cbc2874157399c9da7a8e2
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   138178 41932a94fa2bcbfd2380857a1cc93a76
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:    38930 c25c0001cc9e75d21e795367000ed2db
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-29-amd64-generic-di_2.6.15-29.58_amd64.udeb
      Size/MD5:   278738 3a990a6fc4a90b6f9a73ac517aba2b80

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/acpi-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    18964 000b3964cf1e83d631b42d3996c06242
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    43448 0a03972f928d23eddaff3b8721f6e982
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   105200 069b584ddc70c19c487693e5206caf53
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:     2278 cd3ad94a949a25c0d4a0182409a1e8d3
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    34572 d3203d37ca4b0ad21b52c8431f6079fe
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    96956 9372b2cb864f4762456533357a785676
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    37084 17bd6b4bc56f53ee963b21c0c11cf2d5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    44076 29f4c5c2b808a647a641e3a63ea2ecaf
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   167742 2cbf9ba0ad417cb12237d4d68be0e7ad
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    33928 9612625a94faa087ee08d7a050c41374
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   137842 866701683e8235239bb411fcc595e170
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    46876 d1c81125eb1d078cff66cd5ce35e1adc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   132962 7b00fe193d914911f6aee92b9075c6e8
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   273448 62a070395c52a1dd8d20bfa49dd49219
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   102248 f50c3756b04a2d1a32215225b8724988
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:  1595356 70a4fa53300a8994a143017ff65359b6
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-386_2.6.15-29.58_i386.deb
      Size/MD5:   857378 b0aa4ba314b16f9bccfcd82378f22192
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-686_2.6.15-29.58_i386.deb
      Size/MD5:   853184 6e966f35ae2ee7e2ea49c75b6e3f021d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-k7_2.6.15-29.58_i386.deb
      Size/MD5:   858604 c0875f3291eeb4f76afeaaea06b302a6
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-server-bigiron_2.6.15-29.58_i386.deb
      Size/MD5:   859632 b8ba6114f5c107e4883e4b221079a0e4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-server_2.6.15-29.58_i386.deb
      Size/MD5:   857686 986cf999955a2de72de11b36f0e7a891
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29_2.6.15-29.58_i386.deb
      Size/MD5:  6907818 ad0bfb47fb957d9cd37931d4c1c4c4eb
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-386_2.6.15-29.58_i386.deb
      Size/MD5: 21706272 2218778d09edddf2585003a8a1710072
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-686_2.6.15-29.58_i386.deb
      Size/MD5: 22503364 53fa3843d3ece5f6d1c1f77f4569ed8a
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-k7_2.6.15-29.58_i386.deb
      Size/MD5: 22244292 00f5b822874e30958504c21a9064bfb4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-server-bigiron_2.6.15-29.58_i386.deb
      Size/MD5: 23604392 769b7499066d07f71b682ab727c37ce4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-server_2.6.15-29.58_i386.deb
      Size/MD5: 23166644 0d9f59cd3e1fd3ac7a4ff24061ab300e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    15500 642c6a811dfe1fcdcbf63d2346482a17
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   238432 745c4d05a2d12b74ef4f34a6b64f1576
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   196962 932c555dac36059b1c966fdc4de73b90
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:  1048372 7e2363f50fe913bbfe57692ab4dccf02
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:  1684982 3a6f213e359861af99a81af21d5077ca
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   160808 4bdd5fb3bb139c5910040531c29b29b2
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:     9160 f3671d6b5b78c098075f1b13894cf516
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    76476 5cf9894af667d3804d8a1aa5c9b2567a
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ntfs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    53250 f24326e572030b0077671339e41ba1de
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    33050 77b080c30b6ea5b99a1a32a59cfdf92c
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    85622 88371ba8468bc9abac38d45e36d15747
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:     6018 e2a324aa70be02ef2a3cc19ac0b75925
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:     8752 974f96fa27fb204649f16dfec02b9da0
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    53590 6b194c2e212691956d278c2543e6213d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   130766 4f787e8087ae2d0b3e49870162e51ba8
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    98408 660b3b7c9472fb04bbab2ba460f16e7b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    77170 af9b44cd751945de19dce04ac2812903
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:  1768392 b3f99aa2554c41f11e66128cf3801994
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    69556 953a15fbb387a7fe4c42f136f7eacdbd
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    11756 1f676a46d600535e177a7458fd2d54d7
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    35990 e596f0d036b1eb0a6b473eb2f604337f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   132390 8a242c326212d3151e82ace58f249473
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:    38550 96b10a24c628332eebd9fc5430cf87ac
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-29-386-di_2.6.15-29.58_i386.udeb
      Size/MD5:   299114 aa99f44c65994c4c216ba2ab7607cb5f

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    23724 9cc15159da0af068359bc70a82bb0085
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/affs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    25946 ab789ec0ea59184d6bb48c590b4adaed
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    49306 1a8732ee80ec9b5f9bc5813aaa874ad9
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    51522 ac79e195789db81779ccb12ec444398c
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     2302 c0fdac7a18fdadcf88b3395383022ee3
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     2480 0a203b672dcb3ce258fe17c39a4116b5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    40188 f51a136e1371c1b1bba29548f8738814
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    43754 90cb6ac88a6d339a5b948e7297c5a8d9
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   112608 3e494f36b76539fa472bc8a278969637
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   120654 19341d634d863662f4f7f143a01e866b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    40844 7769f512de02b6b3704fc10b4bb63a96
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    45946 2c3fc5a4fab2de22c7252d1d01c78e5f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    29022 e1414120df205aa61d906e242d4d44ab
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fb-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    29894 3f58c05c7aaeacd07ab158bd3c245a9b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   211402 ff3287779f90d3885e3b59a1070bacc5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/firewire-core-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   225204 2fbc68ec0ddee52616f1c1b92a1a11e6
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    45052 f8adda143901e29968903f261deb9921
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/floppy-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    40208 25f13ee5fea5dce7bb15472345fda944
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     1932 d28c167eafe11ec7b803e4cdabe9ce73
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fs-common-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     2196 ba758fa3da9dbf2b8d807bf1ecb6fb10
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    80604 8c039f49b06b695d812406477f73d55f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/hfs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    85958 934e069db2dc53bde35913121de362ac
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   111628 b30f5a8408364537b81dd16568a934c5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   125792 4630eb1018d5bb1eb05282d5ea9718cc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    53406 71d4220916c1dec5211101d3b1b74895
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    58476 461bfa2e39e67eda4d05e6cda47e6467
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   147760 23f7144746b9d6f04143fba3ffb0debb
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   161700 dee8f3fdc63db6755eb3ec05488c50d5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   317500 c0a90258c5d3899a355feb4a01826b33
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/irda-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   287580 2bac356195bd57da9d857cd811afe129
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   115852 31a4e0ae3ebcf377f7bfc6d8a9cc842d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/jfs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   116516 28964205c9b8aededbf2c8514072a92e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1923400 b461dfcb0f0b59e4588f6dfd7c84cb46
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  2436154 3154bc6657b382eea2698bc35770579d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-powerpc-smp_2.6.15-29.58_powerpc.deb
      Size/MD5:   870654 3f882b531848dc08e956b409c3dae826
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-powerpc64-smp_2.6.15-29.58_powerpc.deb
      Size/MD5:   863320 f155ffba28fae7c316f7cb9e24f0f580
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-powerpc_2.6.15-29.58_powerpc.deb
      Size/MD5:   870298 9088fc87982a3f2f3f93597fcb004b03
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29_2.6.15-29.58_powerpc.deb
      Size/MD5:  6939668 48697c1494aa5c6cd674a6ea796b4ddd
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-powerpc-smp_2.6.15-29.58_powerpc.deb
      Size/MD5: 22770560 af28361139f5474a67ce33631066c0e9
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-powerpc64-smp_2.6.15-29.58_powerpc.deb
      Size/MD5: 23659128 2661665471791019e6971aec81aa7441
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-powerpc_2.6.15-29.58_powerpc.deb
      Size/MD5: 22344354 1e0e2e10b2db81a0a55cdcbf12c78edc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    17778 719a6a50507f4c77d4ae297660d03622
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    17376 e855069e493fd7c056bf58923da86448
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   261150 f291938a02b966ebd5d1a991b69203fd
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   282356 1ec1453e93a5206244973eefc51bb441
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   227462 52981b2ac457b61528e8791357e73bcd
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   248670 50907d9b0394d8af06cde8ccab43d84f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1048430 0b19393c376661b27f0e5a8bc49c37ca
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1048594 6997b30c7ae8f4a0eb59cf0b168fb045
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1673580 cc4eefd300d195c66ac933fe46eb7b8d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1808832 59d7c3edd225e3ccec07335a6cf50f10
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   250942 93c994e7b28c66effc74e9fd089fcec0
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-pcmcia-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   233670 bdab1fd84448293e56f09ad82e4c5e1e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    13034 e0191d81b4b40762fa288ab648ffc628
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    13518 d5a361b77223326b5497bcedc62f4ed1
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    84840 e17d7d20b47ecfc377d3f1a450a36cb0
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-usb-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    52194 6d2a3bdbe73d01aae4f24a452ac79cbf
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    73926 72e25d044c1d2ca9d39846aa989de584
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    85838 2e88120076b0daf8df1055609a866543
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     6614 4552e41dee57792c3095cf0b885cc2b1
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/pcmcia-storage-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:     7062 31d7371210c94acfcd535675134fbbda
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    60352 ada98a00dc2df0440d248fa26027502b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    70346 2e15c53f4f08bc9de95f47f39eb9e983
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   128538 3ba1be798c33de441fbb0ac9275817d4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   157796 8074a5b4abb71dc851d7c349483f84ef
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   107928 654a385a8b25de8656f9f133cb0ad31f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/sata-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   125992 7d953b213fadcca6398aef68a93c1e53
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    87304 418d80fb9ad053a60fef7b1a3fd40f7b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    93310 b449f11b263b4c7d2540768723a40f6b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  2013970 1cd34543404f4af137334a8d9bb65011
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:  1988078 0237aeff3b17aa4c8f2f65baeb78c47f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   104118 e8220aa34099fd895d470e41d983d4ce
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/serial-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   115696 4c429cd2a8e823c912e6d4bfdcb4ff61
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    12734 e6a8b4a6411b5d84ba12c6179f21913d
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/socket-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    14436 4bc5180fa8cf2c4e82e8e8c5935120fa
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    39944 ea5f5d75352a0a86c0cb53126c875fd6
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ufs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    41466 feeb64f2b7b38bf123c52b43eb5d7a53
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   149100 12ca7b38b2b6c461cada17a66e623721
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   167802 883487e0ddf7acb67c4588530af4b0e4
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    42268 39533deae707d2c66815570106e5cb30
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:    44868 932c27757e385426599212b27b62380f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-29-powerpc-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   320284 ed140f1c9f5446624d53075165fb03c1
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-29-powerpc64-smp-di_2.6.15-29.58_powerpc.udeb
      Size/MD5:   324710 a68bd61b2aad6d2355a63920eecccf92

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/cdrom-core-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    50464 a9bce13ee7b14fa1e2ac2f5cf18b3308
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/crc-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:     2356 2db9ce50701b6322f3fb037f6b0a0789
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext2-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    40320 ac315409a4dead1b1507658d28505d7b
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ext3-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   110522 ed4c9493a70c810499820a009f1b9eab
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/fat-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    41170 162478018cfc248e33265e949cff6766
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ide-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   104230 9acfa820fa4d6466b2d58e8d3ce8c72a
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/input-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:     7438 93b54ecd2795f1c61ca97bdf754b6c94
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ipv6-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   149018 378ed6c08705bae39646a3af138c32b2
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/kernel-image-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:  1708216 8a7fb34a344ebe2c85c97300c2a861dd
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-sparc64-smp_2.6.15-29.58_sparc.deb
      Size/MD5:   767810 94c2be8cac5d715d27a0ba57b08c9753
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29-sparc64_2.6.15-29.58_sparc.deb
      Size/MD5:   763906 a28af7ed1ebcaf0f29b787897bbd5e8a
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-headers-2.6.15-29_2.6.15-29.58_sparc.deb
      Size/MD5:  6952868 b01a94ead329783e60e3c4888f830f4f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-sparc64-smp_2.6.15-29.58_sparc.deb
      Size/MD5: 15002402 2a0d55004e3fcfc8f475aabfa7574520
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-image-2.6.15-29-sparc64_2.6.15-29.58_sparc.deb
      Size/MD5: 14817614 d64e0b09cfef834b6761ca9462989f06
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/loop-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:     7422 685b37bae72235ac7b312a1bc41055fc
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/md-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   248520 59490625653de5011cad29fe1578ad2f
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nfs-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   212270 1f97547edecbef4df89926bffe3bb672
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-firmware-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:  1048444 0633b212b5b32582b6cf2bb2ae0fa8d7
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:  1421606 0227e44beb3224a1db23079376ed9a77
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/nic-shared-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    10122 1810a12865afe07273be4901673364ae
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/parport-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    40184 f6145b7a45422c8236766749c177e778
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/plip-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:     9360 a643266df27fcd813a31ab88f7560874
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/ppp-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    61438 ef21a63784e51587b281f2b93819551e
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/reiserfs-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   163012 fb775c62d127c1a66b6f660167f07636
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-core-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    63984 c34fccf148037eae1cf777dd4bee71fb
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/scsi-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:  1235080 cf735c035765bb1db4a05b22a3a0d954
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    59352 4ed476a174a17cb1130c58e2b48aace5
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/usb-storage-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:    37402 d2823f6ee10779e5e49b4d71a0bd6c06
    http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/xfs-modules-2.6.15-29-sparc64-di_2.6.15-29.58_sparc.udeb
      Size/MD5:   280072 e837b3b29d39067fed9cb8c5c78d42bf

    

- 漏洞信息

12837
Linux Kernel MOXA Serial Driver Overflow
Local Access Required Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

A local overflow exists in the Linux kernel. The MoxaDriverIoctl() function fails to validate user-supplied data resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

- 时间线

2005-01-07 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Linux Kernel Multiple Local MOXA Serial Driver Buffer Overflow Vulnerabilities
Boundary Condition Error 12195
No Yes
2005-01-07 12:00:00 2008-06-11 05:22:00
Brad Spengler <spender@grsecurity.net> is credited with the discovery of these vulnerabilities.

- 受影响的程序版本

Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.9
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.6
Linux kernel 2.5.5
Linux kernel 2.5.4
Linux kernel 2.5.3
Linux kernel 2.5.2
Linux kernel 2.5.1
Linux kernel 2.5 .0
Linux kernel 2.4.36 .4
Linux kernel 2.4.36 .4
Linux kernel 2.4.36 .1
Linux kernel 2.4.36
Linux kernel 2.4.35 .3
Linux kernel 2.4.34
Linux kernel 2.4.34
Linux kernel 2.4.34
Linux kernel 2.4.33 2
Linux kernel 2.4.33 .7
Linux kernel 2.4.33 .6
Linux kernel 2.4.33 .6
Linux kernel 2.4.33 .5
Linux kernel 2.4.33 .4
Linux kernel 2.4.33 .3
Linux kernel 2.4.33 .3
Linux kernel 2.4.33 .1
Linux kernel 2.4.33 -pre1
Linux kernel 2.4.33
Linux kernel 2.4.32 -pre2
Linux kernel 2.4.32 -pre1
Linux kernel 2.4.32
Linux kernel 2.4.31 -pre1
Linux kernel 2.4.31
Linux kernel 2.4.30 rc3
Linux kernel 2.4.30 rc2
Linux kernel 2.4.30
Linux kernel 2.4.29 -rc2
Linux kernel 2.4.29 -rc1
Linux kernel 2.4.29
Linux kernel 2.4.28
Linux kernel 2.4.27 -pre5
Linux kernel 2.4.27 -pre4
Linux kernel 2.4.27 -pre3
Linux kernel 2.4.27 -pre2
Linux kernel 2.4.27 -pre1
Linux kernel 2.4.27
Linux kernel 2.4.26
Linux kernel 2.4.25
Linux kernel 2.4.24 -ow1
Linux kernel 2.4.24
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23 -ow2
Linux kernel 2.4.23
Linux kernel 2.4.22
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8
Linux kernel 2.4.20
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
Linux kernel 2.4.18
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.12
+ Conectiva Linux 7.0
Linux kernel 2.4.11
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.9
Linux kernel 2.4.8
Linux kernel 2.4.7
Linux kernel 2.4.6
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.4
Linux kernel 2.4.3
Linux kernel 2.4.2
Linux kernel 2.4.1
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4
Linux kernel 2.3.99 -pre7
Linux kernel 2.3.99 -pre6
Linux kernel 2.3.99 -pre5
Linux kernel 2.3.99 -pre4
Linux kernel 2.3.99 -pre3
Linux kernel 2.3.99 -pre2
Linux kernel 2.3.99 -pre1
Linux kernel 2.3.99
Linux kernel 2.3 .x
Linux kernel 2.3
Linux kernel 2.2.25
Linux kernel 2.2.24
Linux kernel 2.2.23
Linux kernel 2.2.22
Linux kernel 2.2.21
Linux kernel 2.2.20
Linux kernel 2.2.19
Linux kernel 2.2.18
+ Caldera OpenLinux 2.4
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
+ Conectiva Linux 4.0 es
+ Conectiva Linux 4.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ Mandriva Linux Mandrake 6.1
+ Mandriva Linux Mandrake 6.0
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.1 sparc
+ RedHat Linux 6.1 i386
+ RedHat Linux 6.1 alpha
+ RedHat Linux 6.0 sparc
+ RedHat Linux 6.0 alpha
+ RedHat Linux 6.0
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.3 ppc
+ S.u.S.E. Linux 6.3 alpha
+ S.u.S.E. Linux 6.3
+ S.u.S.E. Linux 6.1 alpha
+ S.u.S.E. Linux 6.1
+ S.u.S.E. Linux 6.0
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Slackware Linux 7.1
+ Slackware Linux 7.0
+ Slackware Linux 4.0
+ Wirex Immunix OS 7.0 -Beta
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 6.2
Linux kernel 2.2.17
Linux kernel 2.2.16 pre6
Linux kernel 2.2.16
Linux kernel 2.2.15 pre20
Linux kernel 2.2.15 pre16
Linux kernel 2.2.15
Linux kernel 2.2.14
+ Red Hat Linux 6.2
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Sun Cobalt RaQ 4
Linux kernel 2.2.13
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.3
Linux kernel 2.2.12
Linux kernel 2.2.11
Linux kernel 2.2.10
+ Caldera OpenLinux 2.3
Linux kernel 2.2.9
Linux kernel 2.2.8
Linux kernel 2.2.7
Linux kernel 2.2.6
Linux kernel 2.2.5
Linux kernel 2.2.4
Linux kernel 2.2.3
Linux kernel 2.2.2
Linux kernel 2.2.1
Linux kernel 2.2 .x
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
Linux kernel 2.2
Linux kernel 2.4.34.6
Linux kernel 2.4.34.5
Linux kernel 2.4.34.3
Linux kernel 2.4.33.5
Linux kernel 2.4.33.4
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Avaya Voice Portal 4.1
Avaya Voice Portal 4.0
Avaya Voice Portal 3.0
Avaya SIP Enablement Services 4.0
Avaya SES 3.1.2
Avaya SES 3.1.1
Avaya SES 4.0
Avaya SES 3.1
Avaya Messaging Storage Server MSS 3.0
Avaya Messaging Storage Server MM3.0
Avaya Messaging Storage Server 3.1
Avaya Message Networking MN 3.1
Avaya Message Networking 3.1
Avaya Intuity AUDIX LX 2.0
Avaya EMMC 1.021
Avaya EMMC 1.017
Avaya Communication Manager 5.0
Avaya Communication Manager 4.0
Avaya Communication Manager 3.1
Avaya Aura SIP Enablement Services 3.1.1
Avaya Aura SIP Enablement Services 5.0
Avaya Aura SIP Enablement Services 3.1
Avaya Aura SIP Enablement Services 3.0
Avaya AES 4.2
Linux kernel 2.4.36 .5

- 不受影响的程序版本

Linux kernel 2.4.36 .5

- 漏洞讨论

The MOXA serial driver in the Linux kernel is reported prone to multiple buffer-overflow vulnerabilities. The driver fails to perform proper bounds checks before copying user-supplied data to fixed-size memory buffers.

These vulnerabilities reside in the 'drivers/char/moxa.c' file.

The vulnerable functions perform a 'copy_from_user()' call to copy user-supplied, user-space data to a fixed-size, static kernel memory buffer (moxaBuff) of 10240 bytes in length while using the user-supplied length argument as passed from 'MoxaDriverIoctl()'. This reportedly results in improperly bounded operations, potentially causing locally exploitable buffer overflows.

Linux kernels from 2.2 through 2.4 and 2.6 are all reported prone to these vulnerabilities.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

Please see the referenced advisories for information on obtaining and applying the appropriate updates.


Red Hat Fedora Core1

Linux kernel 2.4 .0-test3

Linux kernel 2.4

Linux kernel 2.4 .0-test11

Linux kernel 2.4 .0-test9

Linux kernel 2.4.10

Linux kernel 2.4.11

Linux kernel 2.4.12

Linux kernel 2.4.18 pre-2

Linux kernel 2.4.18 pre-5

Linux kernel 2.4.18 pre-1

Linux kernel 2.4.19 -pre4

Linux kernel 2.4.19 -pre3

Linux kernel 2.4.21

Linux kernel 2.4.21 pre7

Linux kernel 2.4.23 -pre9

Linux kernel 2.4.25

Linux kernel 2.4.26

Linux kernel 2.4.27 -pre2

Linux kernel 2.4.27 -pre4

Linux kernel 2.4.29 -rc2

Linux kernel 2.4.30 rc3

Linux kernel 2.4.31 -pre1

Linux kernel 2.4.32 -pre2

Linux kernel 2.4.32 -pre1

Linux kernel 2.4.33 -pre1

Linux kernel 2.4.33 .7

Linux kernel 2.4.36 .1

Linux kernel 2.4.36 .4

Linux kernel 2.6.8 rc1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站