
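New Linux vulnerability: holding the Enter key for 70 seconds yields root privileges

Date: 2016-12-15

By holding down Enter for 70 seconds, an attacker can bypass authentication on a Linux system, gain root privileges, and remotely control an encrypted Linux system.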

Origin of the vulnerability

This security issue stems from a vulnerability in cryptsetup (CVE-2016-4484). cryptsetup is the software used to encrypt disks under Linux Unified Key Setup (LUKS), and LUKS is the standard disk encryption on Linux systems.

The vulnerability actually lies in how cryptsetup on the system handles incorrect password input: it lets the user retry the password multiple times. After 93 failed attempts, the program gives the user a shell (BusyBox) with root privileges.

In other words, if you enter the wrong password 93 times in a row, or hold down the Enter key for about 70 seconds, you get a root initramfs (initial RAM filesystem) shell. Once you have the shell, you can copy, modify or destroy the entire hard disk, or use the network to transfer data.

The vulnerability can be exploited remotely

Spanish security researchers Hector Marco and Ismael Ripoll discovered this vulnerability. It affects almost all Linux distributions, including Debian, Ubuntu, Fedora, Red Hat Enterprise Linux (RHEL) and SUSE.

The researchers demonstrated the details at this year's DeepSec conference in Vienna, Austria:

"An attacker can obtain a root initramfs shell from affected systems. The success rate of the vulnerability is also very high, because it does not depend on a specific system or configuration… This vulnerability is especially useful in environments such as libraries, ATMs, airports and labs, because in those environments the boot process is (encryption) protected and we only have a keyboard/mouse."

At this point you might think the vulnerability can only be triggered when the attacker has physical access. In fact, it can also be triggered remotely. If you use a Linux-based cloud service, the vulnerability can be exploited without physical access.

How serious is the vulnerability?

Note that an attacker cannot use this vulnerability to obtain the contents of the encrypted disk, but can carry out the following operations:

Privilege escalation:

Because the boot partition is usually not encrypted, an attacker can use the vulnerability to store an executable file with the setuid bit set, then run it as a local user to escalate privileges.

The attacker can also replace the kernel and the initrd image.

Information disclosure:

Although the attacker cannot read the encrypted disk directly, there is still a lot they can do. For example, they can copy the disk to an external device and brute-force it later.

DoS attack:

The attacker can delete the contents of the disk.

The vulnerability affects Debian, Ubuntu, Fedora and some other Linux distributions. Arch Linux and Solus users are not affected.

Solution

Although the vulnerability is easy to trigger and its impact is broad, the fix is also remarkably simple:

First, hold down the Enter key for 70 seconds at the LUKS password prompt to check whether the system is vulnerable.

If it is vulnerable, check whether the Linux distribution you use has released a patch.

If no official patch has been released, you can modify the cryptroot file yourself:

# sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="panic=5 /' /etc/default/grub
# grub-install
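A kernel parameter added to /etc/default/grub only takes effect once the machine has actually booted with it, so it is worth checking both the configuration file and the running kernel's command line. The script below is an added example, not part of the original article or the researchers' advisory; the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): audit the panic= workaround.

# Print the value of GRUB_CMDLINE_LINUX_DEFAULT from a grub defaults file.
# The last assignment wins, as it does when the file is sourced as shell.
grub_default_cmdline() {
    sed -n 's/^[[:space:]]*GRUB_CMDLINE_LINUX_DEFAULT=//p' "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Succeed if the given kernel command line has a panic=<seconds> word.
has_panic_param() {
    printf '%s\n' "$1" | tr ' \t' '\n\n' | grep -Eq '^panic=[0-9]+$'
}

# Print "configured=yes|no active=yes|no" for a grub defaults file and a
# running-kernel command line file (defaults are the real system paths).
audit_panic_workaround() {
    grub_file=${1:-/etc/default/grub}
    live_file=${2:-/proc/cmdline}
    configured=no
    active=no
    if [ -r "$grub_file" ] &&
       has_panic_param "$(grub_default_cmdline "$grub_file")"; then
        configured=yes
    fi
    if [ -r "$live_file" ] && has_panic_param "$(cat "$live_file")"; then
        active=yes
    fi
    echo "configured=$configured active=$active"
}

# Constructed sample input: a grub defaults file after the sed edit, and a
# kernel command line captured before the reboot (hypothetical values).
demo_dir=$(mktemp -d)
cat > "$demo_dir/grub" <<'EOF'
GRUB_DEFAULT=0
#GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX_DEFAULT="panic=5 quiet splash"
EOF
echo 'BOOT_IMAGE=/vmlinuz root=/dev/mapper/vg-root ro quiet' > "$demo_dir/cmdline"
audit_panic_workaround "$demo_dir/grub" "$demo_dir/cmdline"
rm -rf "$demo_dir"
```

Called with no arguments, `audit_panic_workaround` reads the real `/etc/default/grub` and `/proc/cmdline`; a result of `configured=yes active=no` means the edit has been made but the system has not yet booted with it.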


*Reposted from FreeBuf (FreeBuf.com)