低危 Linux Kernel 2.6.32.51 拒绝服务漏洞

CVE编号

CVE-2011-3188

利用情况

暂无

补丁情况

官方补丁

披露时间

2012-05-25
漏洞描述
Linux是一款开放源代码操作系统。Dan Kaminsky指出使用部分MD4及其使用它来生成序列号,只有24位是真正不可猜测(unguessable)的,严重降低了随机数生成的安全性。特别是使用仅24位真正不可猜测,使得攻击者可能比较容易的猜测出序列号。使得通过类似暴力猜测攻击把报文注入到TCP会话中变得可能。攻击者借此可把任意报文注入到TCP会话中,执行未授权操作。也可通过SYN或RST报文把注入到TCP会话终止已建立连接进行拒绝服务攻击。
解决建议
用户可参考如下供应商提供的安全公告获得补丁信息:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6e5714eaf77d79ae1c8b47e3e040ff5411b717echttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bc0b96b54a21246e377122d54569eef71cec535f
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
应用 f5 arx * From
(including)
6.0.0
Up to
(including)
6.4.0
运行在以下环境
应用 f5 big-ip_access_policy_manager * From
(including)
10.1.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_access_policy_manager * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_analytics * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_application_security_manager * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_application_security_manager * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_edge_gateway * From
(including)
10.1.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_edge_gateway * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_global_traffic_manager * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_global_traffic_manager * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_link_controller * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_link_controller * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_local_traffic_manager * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_local_traffic_manager * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_protocol_security_module * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_protocol_security_module * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_wan_optimization_manager * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_wan_optimization_manager * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 big-ip_webaccelerator * From
(including)
10.0.0
Up to
(including)
10.2.4
运行在以下环境
应用 f5 big-ip_webaccelerator * From
(including)
11.0.0
Up to
(including)
11.1.0
运行在以下环境
应用 f5 enterprise_manager * From
(including)
2.1.0
Up to
(including)
2.3.0
运行在以下环境
应用 f5 enterprise_manager 3.0.0 -
运行在以下环境
应用 f5 firepass * From
(including)
6.0.0
Up to
(including)
6.1.0
运行在以下环境
应用 f5 firepass 7.0.0 -
运行在以下环境
系统 linux linux_kernel * Up to
(excluding)
3.1
运行在以下环境
系统 redhat enterprise_linux 4.0 -
运行在以下环境
系统 redhat_5 kernel * Up to
(excluding)
0:2.6.18-274.7.1.el5
运行在以下环境
系统 redhat_6 kernel * Up to
(excluding)
0:2.6.32-131.21.1.el6
运行在以下环境
系统 suse_11 brocade-bna-kmp-trace * Up to
(excluding)
2.1.0.0_2.6.32.49_0.3-0.2
阿里云评分
3.1
  • 攻击路径
    远程
  • 攻击复杂度
    复杂
  • 权限要求
    无需权限
  • 影响范围
    有限影响
  • EXP成熟度
    未验证
  • 补丁情况
    官方补丁
  • 数据保密性
    无影响
  • 数据完整性
    无影响
  • 服务器危害
    无影响
  • 全网数量
    100
CWE-ID 漏洞类型
NVD-CWE-Other
阿里云安全产品覆盖情况