CVE-2006-0454
CVSS5.0
发布时间 :2006-02-07 13:06:00
修订时间 :2016-10-17 23:38:55
NMCOS    

[原文]Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.


[CNNVD]Linux Kernel ICMP_Send远程拒绝服务漏洞(CNNVD-200602-080)

        Linux Kernel 2.6.12到2.6.15.3版本中,若icmp.c中的ip_options_echo功能故障,则无法正确在icmp_send中构建ICMP响应。远程攻击者可以借助向量,如设置了needaddr位以及具有截断值的(1) record-route和(2)IP时间戳选项,来造成拒绝服务(崩溃)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CWE (弱点类目)

CWE-399 [资源管理错误]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.6.12.6Linux Kernel 2.6.12.6
cpe:/o:linux:linux_kernel:2.6.13.5Linux Kernel 2.6.13.5
cpe:/o:linux:linux_kernel:2.6.14.4Linux Kernel 2.6.14.4
cpe:/o:linux:linux_kernel:2.6.12.5Linux Kernel 2.6.12.5
cpe:/o:linux:linux_kernel:2.6.12:rc3Linux Kernel 2.6.12 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.13.4Linux Kernel 2.6.13.4
cpe:/o:linux:linux_kernel:2.6.14.3Linux Kernel 2.6.14.3
cpe:/o:linux:linux_kernel:2.6.15.2Linux Kernel 2.6.15.2
cpe:/o:linux:linux_kernel:2.6.12.4Linux Kernel 2.6.12.4
cpe:/o:linux:linux_kernel:2.6.13Linux Kernel 2.6.13
cpe:/o:linux:linux_kernel:2.6.13.3Linux Kernel 2.6.13.3
cpe:/o:linux:linux_kernel:2.6.14.2Linux Kernel 2.6.14.2
cpe:/o:linux:linux_kernel:2.6.15.1Linux Kernel 2.6.15.1
cpe:/o:linux:linux_kernel:2.6.12.3Linux Kernel 2.6.12.3
cpe:/o:linux:linux_kernel:2.6.13.2Linux Kernel 2.6.13.2
cpe:/o:linux:linux_kernel:2.6.14Linux Kernel 2.6.14
cpe:/o:linux:linux_kernel:2.6.14.1Linux Kernel 2.6.14.1
cpe:/o:linux:linux_kernel:2.6.14.6Linux Kernel 2.6.14.6
cpe:/o:linux:linux_kernel:2.6.14.5Linux Kernel 2.6.14.5
cpe:/o:linux:linux_kernel:2.6.12.2Linux Kernel 2.6.12.2
cpe:/o:linux:linux_kernel:2.6.13.1Linux Kernel 2.6.13.1
cpe:/o:linux:linux_kernel:2.6.12.1Linux Kernel 2.6.12.1
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.6.12Linux Kernel 2.6.12
cpe:/o:linux:linux_kernel:2.6.14.7Linux Kernel 2.6.14.7
cpe:/o:linux:linux_kernel:2.6.13:rc5Linux Kernel 2.6.13 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.13:rc6Linux Kernel 2.6.13 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.13:rc1Linux Kernel 2.6.13 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.14:rc2Linux Kernel 2.6.14 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.12:rc5Linux Kernel 2.6.12 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.13:rc2Linux Kernel 2.6.13 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.12:rc6Linux Kernel 2.6.12 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.13:rc7Linux Kernel 2.6.13 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.14:rc5Linux Kernel 2.6.14 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.12:rc4Linux Kernel 2.6.12 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.12:rc1Linux Kernel 2.6.12 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.14:rc3Linux Kernel 2.6.14 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.12:rc2Linux Kernel 2.6.12 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.13:rc3Linux Kernel 2.6.13 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.14:rc4Linux Kernel 2.6.14 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.13:rc4Linux Kernel 2.6.13 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc1Linux Kernel 2.6.14 Release Candidate 1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0454
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0454
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200602-080
(官方数据源) CNNVD

- 其它链接及资源

http://lists.immunitysec.com/pipermail/dailydave/2006-February/002909.html
(PATCH)  MLIST  [dailydave] 20060207 Fun with Linux (2.6.12 -> 2.6.15.2)
http://marc.info/?l=linux-kernel&m=113927617401569&w=2
(UNKNOWN)  MLIST  [linux-kernel] 20060207 Linux 2.6.15.3
http://marc.info/?l=linux-kernel&m=113927648820694&w=2
(UNKNOWN)  MLIST  [linux-kernel] 20060207 Re: Linux 2.6.15.3
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3
(UNKNOWN)  CONFIRM  http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3
http://www.mandriva.com/security/advisories?name=MDKSA-2006:040
(UNKNOWN)  MANDRIVA  MDKSA-2006:040
http://www.novell.com/linux/security/advisories/2006_06_kernel.html
(VENDOR_ADVISORY)  SUSE  SUSE-SA:2006:006
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html
(VENDOR_ADVISORY)  FEDORA  FEDORA-2006-102
http://www.securityfocus.com/archive/1/archive/1/427981/100/0/threaded
(VENDOR_ADVISORY)  FEDORA  FLSA:157459-4
http://www.securityfocus.com/bid/16532
(PATCH)  BID  16532
http://www.trustix.org/errata/2006/0006
(VENDOR_ADVISORY)  TRUSTIX  2006-0006
http://www.ubuntu.com/usn/usn-250-1
(UNKNOWN)  UBUNTU  USN-250-1
http://www.vupen.com/english/advisories/2006/0464
(VENDOR_ADVISORY)  VUPEN  ADV-2006-0464
http://xforce.iss.net/xforce/xfdb/24575
(UNKNOWN)  XF  kernel-icmp-ipoptionsecho-dos(24575)

- 漏洞信息

Linux Kernel ICMP_Send远程拒绝服务漏洞
中危 资源管理错误
2006-02-07 00:00:00 2006-04-28 00:00:00
远程  
        Linux Kernel 2.6.12到2.6.15.3版本中,若icmp.c中的ip_options_echo功能故障,则无法正确在icmp_send中构建ICMP响应。远程攻击者可以借助向量,如设置了needaddr位以及具有截断值的(1) record-route和(2)IP时间戳选项,来造成拒绝服务(崩溃)。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        S.u.S.E. Linux Professional 10.0
        SuSE kernel-default-2.6.13-15.8.ppc.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2. 6.13-15.8.ppc.rpm
        SuSE kernel-default-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -2.6.13-15.8.x86_64.rpm
        SuSE kernel-default-nongpl-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -nongpl-2.6.13-15.8.x86_64.rpm
        SuSE kernel-iseries64-2.6.13-15.8.ppc.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-iseries64- 2.6.13-15.8.ppc.rpm
        SuSE kernel-ppc64-2.6.13-15.8.ppc.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-ppc64-2.6. 13-15.8.ppc.rpm
        SuSE kernel-smp-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-2.6 .13-15.8.x86_64.rpm
        SuSE kernel-smp-nongpl-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-non gpl-2.6.13-15.8.x86_64.rpm
        SuSE kernel-source-2.6.13-15.8.ppc.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-source-2.6 .13-15.8.ppc.rpm
        SuSE kernel-source-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-source- 2.6.13-15.8.x86_64.rpm
        SuSE kernel-syms-2.6.13-15.8.ppc.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-syms-2.6.1 3-15.8.ppc.rpm
        SuSE kernel-syms-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-syms-2. 6.13-15.8.x86_64.rpm
        SuSE kernel-xen-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-2.6 .13-15.8.x86_64.rpm
        SuSE kernel-xen-nongpl-2.6.13-15.8.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-non gpl-2.6.13-15.8.x86_64.rpm
        SuSE xen-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-3.0_8259-0 .1.x86_64.rpm
        SuSE xen-devel-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-devel-3.0_ 8259-0.1.x86_64.rpm
        SuSE xen-doc-html-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-html-3 .0_8259-0.1.x86_64.rpm
        SuSE xen-doc-pdf-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-pdf-3. 0_8259-0.1.x86_64.rpm
        SuSE xen-doc-ps-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-ps-3.0 _8259-0.1.x86_64.rpm
        SuSE xen-tools-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-3.0_ 8259-0.1.x86_64.rpm
        SuSE xen-tools-ioemu-3.0_8259-0.1.x86_64.rpm
        SUSE LINUX 10.0:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-ioem u-3.0_8259-0.1.x86_64.rpm
        Linux kernel 2.6 -test6
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 -test4
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 -test2
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 -test11
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 -test9-CVS
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 -test3
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        Linux kernel 2.6 .10
        Linux linux-2.6.15.3.tar.bz2
        http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.3.tar.bz2
        

- 漏洞信息

22993
Linux Kernel ip_options_echo() Function Crafted ICMP Packet Remote DoS
Remote / Network Access Denial of Service
Loss of Availability
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-02-07 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.6.15.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux Kernel ICMP_Send Remote Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 16532
Yes No
2006-02-07 12:00:00 2007-01-25 04:20:00
The vendor disclosed this issue.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Personal 10.0 OSS
Red Hat Fedora Core4
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
+ Red Hat Fedora Core4
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
+ S.u.S.E. Linux Enterprise Server 9
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.6.15 .3

- 不受影响的程序版本

Linux kernel 2.6.15 .3

- 漏洞讨论

Linux kernel is prone to a remote denial-of-service vulnerability.

Remote attackers can exploit this vulnerability to crash affected kernels, effectively denying service to legitimate users.

Linux kernel versions 2.6.15.2 and prior in the 2.6 series are vulnerable to this issue.

- 漏洞利用

An exploit is not required.

- 解决方案

Please see the referenced vendor advisories for details on obtaining and applying fixes.


S.u.S.E. Linux Professional 10.0

Linux kernel 2.6 -test6

Linux kernel 2.6 -test4

Linux kernel 2.6 -test2

Linux kernel 2.6 -test11

Linux kernel 2.6 -test9-CVS

Linux kernel 2.6

Linux kernel 2.6 -test3

Linux kernel 2.6 .10

Linux kernel 2.6 -test5

Linux kernel 2.6 -test1

Linux kernel 2.6 -test7

Linux kernel 2.6 -test9

Linux kernel 2.6 -test8

Linux kernel 2.6 -test10

Linux kernel 2.6.1 -rc1

Linux kernel 2.6.1 -rc2

Linux kernel 2.6.1

Linux kernel 2.6.10 rc2

Linux kernel 2.6.10

Linux kernel 2.6.11

Linux kernel 2.6.11 .6

Linux kernel 2.6.11 .12

Linux kernel 2.6.11 -rc2

Linux kernel 2.6.11 .5

Linux kernel 2.6.11 -rc3

Linux kernel 2.6.11 -rc4

Linux kernel 2.6.11 .11

Linux kernel 2.6.11 .7

Linux kernel 2.6.12 .4

Linux kernel 2.6.12 .3

Linux kernel 2.6.12 .1

Linux kernel 2.6.12 .5

Linux kernel 2.6.12 -rc4

Linux kernel 2.6.12 .2

Linux kernel 2.6.12 .6

Linux kernel 2.6.12 -rc5

Linux kernel 2.6.13 -rc4

Linux kernel 2.6.13 .3

Linux kernel 2.6.13

Linux kernel 2.6.13 -rc7

Linux kernel 2.6.13 -rc1

Linux kernel 2.6.13 .2

Linux kernel 2.6.13 .4

Linux kernel 2.6.13 -rc6

Linux kernel 2.6.13 .1

Linux kernel 2.6.14 -rc2

Linux kernel 2.6.14 -rc3

Linux kernel 2.6.14

Linux kernel 2.6.14 -rc1

Linux kernel 2.6.14 -rc4

Linux kernel 2.6.14 .2

Linux kernel 2.6.14 .1

Linux kernel 2.6.14 .3

Linux kernel 2.6.15

Linux kernel 2.6.15 -rc1

Linux kernel 2.6.15 -rc3

Linux kernel 2.6.15 .2

Linux kernel 2.6.15 .1

Linux kernel 2.6.15 -rc2

Linux kernel 2.6.2

Linux kernel 2.6.3

Linux kernel 2.6.4

Linux kernel 2.6.5

Linux kernel 2.6.6 rc1

Linux kernel 2.6.6

Linux kernel 2.6.7 rc1

Linux kernel 2.6.7

Linux kernel 2.6.8 rc3

Linux kernel 2.6.8 rc2

Linux kernel 2.6.8 rc1

Linux kernel 2.6.8

Linux kernel 2.6.9

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站