
SuSE Security Announcement: Privilege Escalation Vulnerability in wmaker/WindowMaker


Published: 2001-09-21
Updated: 2001-09-21
Severity:
Threat level: Remote administrator privileges
Error type: Input validation error
Exploitation method: Client mode

Affected systems
SUSE (6.0, 6.1, 6.2,) 6.3, 6.4, 7.0, 7.1, 7.2
-Window Maker < 0.65.1
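Detailed description
A vulnerability has been found in Window Maker, a window manager for the X Window System: it does not properly check bounds when setting a window title. An attacker can exploit this buffer overflow remotely by setting an overlong window title, for example through a malicious web page. The attacker can then execute arbitrary code as the user running Window Maker.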

Test code
None available

Solution
Install the update package, run /sbin/SuSEconfig after installation, then restart the window manager:

i386 Intel Platform:


  SuSE-7.2
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/xwm1/WindowMaker-0.64.0-82.i386.rpm
      0f5508e10089deecf34b51ab8c007bbf
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/WindowMaker-0.64.0-82.src.rpm
      6472b87eb8a841d5cefe4f0889f9b4e1


  SuSE-7.1
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/xwm1/WindowMaker-0.62.1-25.i386.rpm
      39c69fab92923eca0cf1f0e077232fef
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/WindowMaker-0.62.1-25.src.rpm
      a8c32f85125bbe7bf041335100e447b8


  SuSE-7.0
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/xwm1/wmaker-0.62.1-42.i386.rpm
      d825fa6cd78643e880bb89464594a464
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/wmaker-0.62.1-42.src.rpm
      bd6e55a9b16e836065f59b4dc824416f


  SuSE-6.4
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/xwm1/wmaker-0.61.1-59.i386.rpm
      7de5a334c4fbbeb6ef3d79d197a585c1
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/wmaker-0.61.1-59.src.rpm
      4471d22b705b8b24a1808729a32d1764


  SuSE-6.3
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/xwm1/wmaker-0.61.1-59.i386.rpm
      8c8453b37e7b69008be2be4929a62d80
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/wmaker-0.61.1-59.src.rpm
      0c96f81234e787a48b8d2df4e698843a




Sparc Platform:


  SuSE-7.1
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/xwm1/WindowMaker-0.62.1-17.sparc.rpm
      c19bc73ccc235bbd35d1e8953cfbabbb
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/WindowMaker-0.62.1-17.src.rpm
      e60425cb8ae38b16a3aac3fa23a6c54f


  SuSE-7.0
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/xwm1/wmaker-0.62.1-2.sparc.rpm
      9f0a23eddb8b9dbfc07288871388ff34
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/wmaker-0.62.1-2.src.rpm
      a95d995b1ea164b8c93a9fc308f703d1




AXP Alpha Platform:


  SuSE-7.1
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/xwm1/WindowMaker-0.62.1-23.alpha.rpm
      55cf56c7bea8fa3e9cf7ca2c90457249
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/WindowMaker-0.62.1-23.src.rpm
      7b5bc50ad9e854dc2858a1b0a08385d5


  SuSE-7.0
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/xwm1/wmaker-0.62.1-5.alpha.rpm
      6e7e01c1a1ef1e2ac751638dd7e31d21
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/wmaker-0.62.1-5.src.rpm
      2ee34d67aba5c06878623e3ca50f47d1


  SuSE-6.4
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/xwm1/wmaker-0.61.1-57.alpha.rpm
      dcbfdaf729cb823046f3dc6e913fcf1b
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/wmaker-0.61.1-57.src.rpm
      3d045c4fd65d2ce9b69a1890d71fd59a


  SuSE-6.3
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/xwm1/wmaker-0.61.1-57.alpha.rpm
      6c17c78ef0fe2971b29fe1a2300c4fc3
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/wmaker-0.61.1-57.src.rpm
      f01b2923ebc6e4e6a52b75e8597cbe50

PPC PowerPC Platform:


  SuSE-7.1
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/xwm1/WindowMaker-0.62.1-18.ppc.rpm
      00f099cc26983691641ed041441abfc2
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/WindowMaker-0.62.1-18.src.rpm
      1941b4c46eeb3e4fe4a7e3a1c79ae8a5


  SuSE-7.0
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/xwm1/wmaker-0.62.1-49.ppc.rpm
      f5ef503d073a7e9e34cf28e4eb56fbaa
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/wmaker-0.62.1-49.src.rpm
      362468904bd119c44f2c2baa1312a116


  SuSE-6.4
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/xwm1/wmaker-0.61.1-56.ppc.rpm
      0408f29d40eebf5bbc84bdcf14a03c5f
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/wmaker-0.61.1-56.src.rpm
      50c1a727aec53feb76f451854657b6c8
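
One way to check a downloaded package against the listing above before installing it (an added example, not part of the SuSE announcement). It parses the "URL line, then MD5 line" layout and keys checksums by full URL, because the listing reuses the same file name under different releases with different checksums; the host, file name and contents in `demo()` are constructed stand-ins.

```python
import hashlib
import os
import re
import tempfile

URL_RE = re.compile(r"^\s*(ftp://\S+\.rpm)\s*$")
MD5_RE = re.compile(r"^\s*([0-9a-f]{32})\s*$")

def parse_listing(text):
    """Map each package URL to the MD5 printed on the line after it."""
    # Key by full URL: the listing reuses file names across releases.
    expected, pending = {}, None
    for line in text.splitlines():
        url, md5 = URL_RE.match(line), MD5_RE.match(line)
        if url:
            pending = url.group(1)
        elif md5 and pending:
            expected[pending] = md5.group(1)
            pending = None
    return expected

def md5_of(path):
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest()

def verify(url, path, expected):
    """True only if the URL is listed and the local file's MD5 matches it."""
    want = expected.get(url)
    return want is not None and md5_of(path) == want

def demo():
    # Constructed stand-ins: same file name under two releases, different bytes.
    base = "ftp://ftp.example.invalid/update/%s/xwm1/wmaker-0.0.0-1.i386.rpm"
    blobs = {base % "6.4": b"constructed build A", base % "6.3": b"constructed build B"}
    listing = "\n".join(
        "  SuSE-%s\n    %s\n      %s" % (u.split("/")[4], u, hashlib.md5(b).hexdigest())
        for u, b in blobs.items())
    expected = parse_listing(listing)
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "wmaker-0.0.0-1.i386.rpm")
        with open(path, "wb") as f:
            f.write(blobs[base % "6.4"])
        # Right release passes; the same file checked against 6.3 must fail.
        return verify(base % "6.4", path, expected), verify(base % "6.3", path, expected)

if __name__ == "__main__":
    print(demo())
```

An MD5 match only shows the file is the one the listing names and was not corrupted in transfer; MD5 is not collision-resistant, so the match does not authenticate the package.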

Related information