FreeRange user yuebai li wanted you to see this:
"Linux内核SCTP漏洞无大碍 不打补丁也可以安心过五一"
udev才过,SCTP接踵而来。看看milw0rm上溢出程序的名字就有点恐怖“Linux Kernel 2.6.x SCTP FWD Memory COrruption Remote Exploit”,稍加留意会看到exp上有这么一行“NOTE: you need at least one sctp application bound on the target box“。看到这一行,心里放心了不少。因为我们知道SCTP不是一个常用的协议,但在电信网络骨干里会经常见到它。并且绝大多数linux发行版默认也不启用SCTP支持。
cnBeta
FreeRange WebReader - bringing the Internet to your mobile phone like never before!
Reading this on your Windows Smartphone, Palm or Blackberry? Try it now by clicking http://mwap.at
没有评论:
发表评论