Linux Kernel dccp Multiple Local Information Disclosure Vulnerabilities Bugtraq ID: 23162 Class: Design Error CVE: Remote: No Local: Yes Published: Mar 27 2007 12:00AM Updated: Mar 27 2007 11:13PM Credit: Robert Swiecki discovered these vulnerabilities. Vulnerable: Linux kernel 2.6.20 .4 Linux kernel 2.6.20 Linux kernel 2.6.20.3 Linux kernel 2.6.20.2 Linux kernel 2.6.20.1 The Lin...
by ming_nuaa - Linux文档专区 - 2007-03-28 09:03:43 阅读(542) 回复(0)
受影响系统: Linux kernel >= 2.6.20 描述: Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux内核中net/dccp/proto.c文件的do_dccp_getsockopt()函数存在信息泄露漏洞,本地攻击者可能利用此漏洞获取敏感信息。 相关的代码如下: ----------------------- static int do_dccp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen)...