Solaris Recursive mutex_enter Panic漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105550 漏洞类型 未知
发布时间 1999-09-23 更新时间 2005-05-02
CVE编号 CVE-1999-0908 CNNVD-ID CNNVD-199909-046
漏洞平台 Solaris CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19507
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199909-046
|漏洞详情
SolarisTCP流驱动程序中存在漏洞,该漏洞通过一个导致服务器恐慌的恶意链接使得SolarisTCP流驱动程序拒绝服务,其中恶意链接是mutex_enter递归调用的结果。
|漏洞EXP
source: http://www.securityfocus.com/bid/655/info

A vulnerability in Solaris TCP/IP stack may allow remote users to panic the system.

If the nmap network mapping utility is used with the OS fingerprinting option ('-O') against an active listening port and the server listening on that port is then killed the system will panic because of recursive calls to mutex_enter within the TCP streams driver.

$nmap -O -p 80 targethost.com
|参考资料

来源:BID
名称:655
链接:http://www.securityfocus.com/bid/655