© / Posted in Linux / August 16, 2009
这周二微软暴了很多严重的漏洞,呵呵,看来Linux也不甘寂寞啊~~
以下内容转自素包子
在微软本月月经日(8.11)的同一天,国外黑客taviso和julien公开了可以攻击所有新旧Linux系统的一个漏洞,包括但不限于RedHat,CentOS,Suse,Debian,Ubuntu,Slackware,Mandriva,Gentoo及其衍生系统。黑客只需要执行一个命令,就可以通过此漏洞获得root权限,即使开启了SELinux也于事无补。攻击这个漏洞到底有多简单,下面我们看图说话,有图有真相。
如上图所示,利用此漏洞极其简单,并且影响所有的Linux内核,baoz强烈建议系统管理员或安全人员参考下列临时修复方案,以防止Linux系统被攻击 。
1、使用Grsecurity或者Pax内核安全补丁,并开启KERNEXEC防护功能。
2、升级到2.6.31-rc6或2.4.37.5以上的内核版本。
3、如果您使用的是RedHa tEnterprise Linux 4/5的系统或Centos4/5的系统,您可以通过下面的操作简单的操作防止被攻击。
在/etc/modprobe.conf文件中加入下列内容:
install pppox /bin/true
install bluetooth /bin/true
install appletalk /bin/true
install ipx /bin/true
install sctp /bin/true
4、如果您使用的是Debian或Ubuntu系统,您可以通过下面的操作防止被攻击(感谢chenjun提供)
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install x25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
很明显,第三、四个方案最简单也相对有效,对业务影响也最小,如果您对编译和安装Linux内核不熟悉,千万不要使用前两个方案,否则您的系统可能永远无法启动。
Linux在微软的月经日爆如此严重的漏洞,挺值得纪念的。如果您希望了解本漏洞更多的内幕、八卦和细节,请访问http://baoz.net/linux-sockops-wrap-proto-ops-local-root-exploit/
如果你希望了解漏洞详情,请访问下列URL:
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
https://bugzilla.redhat.com/show_bug.cgi?id=516949
如果你希望亲手验证此漏洞,你可以下载下列两个代码包测试(有可能导致系统不稳定,当机等现象,后果自负):
http://www.securityfocus.com/data/vulnerabilities/exploits/wunderbar_emporium-3.tgz
http://www.securityfocus.com/data/vulnerabilities/exploits/36038-4.tgz
changelog:
2009/08/16 chenjun@xfocus提供了debian/ubuntu系统的修复方式。
2009/08/16 根据网友要求添加漏洞详情和exploit下载地址
长久没有启支Linux了,家庭用户基本上不用,只是服务器需要当心了。
@思亭
恩~~呵呵~~不过话说回来,windows更要小心啊~~反正计算机,没有安全
我
welcome to our burberry outlet store ,there are many fashion and hight quality burberry bags wait for
you!
do you want to buy burberry bags for yourslf or your beat friends in sometimes?
please come to our burberry outlet store.yle burberry watches for you.do
our burberry outlet store offer many new st
not miss the fashion burbery Burberry T-shirts.
In burberry sunglasses stores it really is typically some sort of
most effective style which precisely the top notch and several middle-class are typically in a region to afford
Fouthy-six Putting on a new burberry watches for men and relish the
summertime Does one prefers to invest in Burberry bags?
as we all know the burberry brand is very famouse in the world.in burberry bags outlet store you
will have a good time!
there is new store,the name is burberry outlet !you are interested in new store,you will have a good
time in there.
If you use burberry bags ,you will feel very Summer feeling, so many girls put it
down.
evey women love the burberry shirts in life,the burberry can give you more
confidence in sometimes.
Jack bought the burberry sunglasses and the next day he came to the
interview in the Burberry cheak shirt.
Join forums that areparticularlymeant to talk about watches. If you are searching for burberry sale for women, then
obviouslycheck out women's forum.
One of the most popular British exports is the burberry outlet online .
The particular burberry bags typically reveal the actual Burberry renowned examine layout
which has been made popular by the garment range.
The color of burberry ties are bright but with the characters of mature and steady
the burberry shoes collection had occipied a large markey share and enjoys a massive
fan following.
I believe one's destiny of your burberry wallets long decrease jackets are
often more large-scale progress.