Icecast的 print_client()存在缓冲溢出漏洞发布时间:2001-01-31 更新时间:2001-01-31 严重程度:高 威胁程度:本地管理员权限 错误类型:输入验证错误 利用方式:服务器模式 受影响系统 Icecast Icecast 1.3.8 beta2,1.3.7详细描述 Icecast是一个开放代码的流式音乐服务程序,在utility.c中的print_client()存在一个格式化字符串漏洞。由于对fd_write()不安全的调用,导致用户的输入直接传递给*printf()函数,造成格式化字符串的攻击。这样,一个可以用户可以让*printf函数覆盖内存的任意返回地址并获得对系统的控制。 测试代码 可以在下面的地址下载测试程序: http://www.securityfocus.com/data/vulnerabilities/exploits/PKCicecast-ex.c 解决方案 升级程序: Icecast Icecast 1.3.8 beta2: Packet Knights Crew patch utility.c.diff http://www.securityfocus.com/data/vulnerabilties/patches/utility.c.diff Icecast Icecast 1.3.7: Packet Knights Crew patch utility.c.diff http://www.securityfocus.com/data/vulnerabilties/patches/utility.c.diff Conectiva RPM 4.1 i386 icecast-1.3.7-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.1/i386/icecast-1.3.7-4cl.i386.rpm Conectiva RPM 4.2 i386 icecast-1.3.7-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.2/i386/icecast-1.3.7-4cl.i386.rpm Conectiva RPM 5.0 i386 icecast-1.3.7-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/icecast-1.3.7-4cl.i386.rpm Conectiva RPM 5.1 i386 icecast-1.3.7-4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/icecast-1.3.7-4cl.i386.rpm Conectiva RPM 6.0 i386 icecast-1.3.7-3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/icecast-1.3.7-3cl.i386.rpm 相关信息 |
