xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

Redhat的elm存在缓冲溢出漏洞


发布时间:2001-07-17
更新时间:2001-07-17
严重程度:
威胁程度:远程拒绝服务
错误类型:输入验证错误
利用方式:客户机模式

受影响系统
Red Hat Linux 5.2 - alpha, i386, sparc

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - i386, ia64
详细描述
elm在处理超长的message-ids的时候存在缓冲溢出,会造成其他
头区域的覆盖,并造成更大的破坏。

测试代码
尚无

解决方案
下载新的elm程序:

Red Hat Linux 5.2:

SRPMS:
ftp://updates.redhat.com/5.2/en/os/SRPMS/elm-2.5.5-0.52.src.rpm

alpha:
ftp://updates.redhat.com/5.2/en/os/alpha/elm-2.5.5-0.52.alpha.rpm

i386:
ftp://updates.redhat.com/5.2/en/os/i386/elm-2.5.5-0.52.i386.rpm

sparc:
ftp://updates.redhat.com/5.2/en/os/sparc/elm-2.5.5-0.52.sparc.rpm

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/elm-2.5.5-0.62.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/elm-2.5.5-0.62.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/elm-2.5.5-0.62.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/elm-2.5.5-0.62.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/elm-2.5.5-1.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/elm-2.5.5-1.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/elm-2.5.5-1.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/elm-2.5.5-1.src.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/elm-2.5.5-1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/elm-2.5.5-1.ia64.rpm



7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
75daf2932db42b69a9619002ffc4d36b 5.2/en/os/SRPMS/elm-2.5.5-0.52.src.rpm
6d8a54bebc078adbbb27863d359f3fe7 5.2/en/os/alpha/elm-2.5.5-0.52.alpha.rpm
e939d9f97b035a373a7f56af1e7aad0a 5.2/en/os/i386/elm-2.5.5-0.52.i386.rpm
abdf47c3a05c4e363e40b0d12c76cbc0 5.2/en/os/sparc/elm-2.5.5-0.52.sparc.rpm
533bc2f830af5f153e7f127bfc1a179a 6.2/en/os/SRPMS/elm-2.5.5-0.62.src.rpm
5fc1a845b62174ade41c657aa9d3957c 6.2/en/os/alpha/elm-2.5.5-0.62.alpha.rpm
770b3e8080e8f24d0e6efbe346e7a0a2 6.2/en/os/i386/elm-2.5.5-0.62.i386.rpm
8c26e7c6062ef42813565d5a2fb516b4 6.2/en/os/sparc/elm-2.5.5-0.62.sparc.rpm
0528d7629e47f0bc6c2174b6b31db9c6 7.0/en/os/SRPMS/elm-2.5.5-1.src.rpm
0bb0cad648eb28f4158ce4c1af80951e 7.0/en/os/alpha/elm-2.5.5-1.alpha.rpm
2ee810da56eac2d3bffa73a5c786451d 7.0/en/os/i386/elm-2.5.5-1.i386.rpm
0528d7629e47f0bc6c2174b6b31db9c6 7.1/en/os/SRPMS/elm-2.5.5-1.src.rpm
2ee810da56eac2d3bffa73a5c786451d 7.1/en/os/i386/elm-2.5.5-1.i386.rpm
d753013a2b6643a813f65090a036d02d 7.1/en/os/ia64/elm-2.5.5-1.ia64.rpm

相关信息
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved