DSA-092-1:wmtv存在缓冲溢出漏洞发布时间:2001-12-07 更新时间:2001-12-07 严重程度:高 威胁程度:本地管理员权限 错误类型:输入验证错误 利用方式:服务器模式 受影响系统 wmtv详细描述 Nicolas Boullis发现wmtv存在一个安全漏洞,如果你在tv windows上双击,wmtv可以选择性的运行命令,这个命令可以使用-e命令行选项来指定。不过超长的命令行参数可以导致wmtv缓冲溢出,而wmtv是以suid root身份运行,最终导致本地用户权限提升获得ROOT访问。 测试代码 尚无 解决方案 此问题在0.6.5-2potato1版本得到修正: Source archives: http://security.debian.org/dists/stable/updates/main/source/wmtv_0.6.5-2potato1.diff.gz MD5 checksum: 71436864099e31a54191828eba1a5af1 http://security.debian.org/dists/stable/updates/main/source/wmtv_0.6.5-2potato1.dsc MD5 checksum: fcfed7fae275bcd74f135db0fb315e27 http://security.debian.org/dists/stable/updates/main/source/wmtv_0.6.5.orig.tar.gz MD5 checksum: 2ee18b3f1261137e8772d4f6a9dd0031 Alpha architecture: http://security.debian.org/dists/stable/updates/main/binary-alpha/wmtv_0.6.5-2potato1_alpha.deb MD5 checksum: da07aa390b028396000c8c8ebf180c44 ARM architecture: http://security.debian.org/dists/stable/updates/main/binary-arm/wmtv_0.6.5-2potato1_arm.deb MD5 checksum: b0ee729c7de7dfb2b3e1c4c7a8f37e69 Intel IA-32 architecture: http://security.debian.org/dists/stable/updates/main/binary-i386/wmtv_0.6.5-2potato1_i386.deb MD5 checksum: fd3ce69d983ae4b316114628c7c5fc74 Motorola 680x0 architecture: http://security.debian.org/dists/stable/updates/main/binary-m68k/wmtv_0.6.5-2potato1_m68k.deb MD5 checksum: 774a7f254a1a1f27cd7a03f66ac11308 PowerPC architecture: http://security.debian.org/dists/stable/updates/main/binary-powerpc/wmtv_0.6.5-2potato1_powerpc.deb MD5 checksum: 3b98c87d44c9570e4001ceec82d832be Sun Sparc architecture: http://security.debian.org/dists/stable/updates/main/binary-sparc/wmtv_0.6.5-2potato1_sparc.deb MD5 checksum: 7ecfd9e694e3b22b101c52c7f8c4f627 相关信息 Wichert Akkerman (wichert@wiggy.net) 参考:http://archives.neohapsis.com/archives/bugtraq/2001-12/0055.html |
