FreeBSD System Call Signed Integer Buffer Overflow

Published: 2002-08-28
Updated: 2002-08-28
Severity: High
Threat level: Privilege escalation
Error type: Boundary check error
Exploitation method: Server mode
BUGTRAQ ID: 5493

Affected systems
FreeBSD FreeBSD 4.0

Detailed description
The FreeBSD operating system contains a vulnerability: several system calls have a signed integer buffer overflow condition.
The affected system calls assume that certain arguments will be given positive integer values, while the arguments are in fact handled as signed integers. If a negative integer value is supplied as an argument, the boundary check fails and a buffer overflow results. This vulnerability may be exploitable to execute arbitrary code.

Test code
None

Solution
FreeBSD users are advised to apply the patch below or upgrade to 4.6.2-RELEASE or 4.6-STABLE; or to any of the RELENG_4_6 (4.6.1-RELEASE-p11), RELENG_4_5 (4.5-RELEASE-p19), or RELENG_4_4 (4.4-RELEASE-p26) security branches dated after the following:
2002-08-13 02:42:32 UTC (RELENG_4)
2002-08-13 12:12:36 UTC (RELENG_4_6)
2002-08-13 12:13:05 UTC (RELENG_4_5)
2002-08-13 12:13:49 UTC (RELENG_4_4)

Patch download:
FreeBSD FreeBSD 4.0: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.1: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.1.1 -STABLE:
FreeBSD FreeBSD 4.1.1 -RELEASE: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.1.1: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.2 -STABLE:
FreeBSD FreeBSD 4.2 -RELEASE: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.2: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.3 -STABLE:
FreeBSD FreeBSD 4.3 -RELEASE: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.3: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.4 -STABLE:
FreeBSD FreeBSD 4.4: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.5 -STABLE:
FreeBSD FreeBSD 4.5 -RELEASE: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.5: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.6 -RELEASE: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch
FreeBSD FreeBSD 4.6: FreeBSD Patch signed-error.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:38/signed-error.patch

Related information
Silvio Cesare <silvio@qualys.com>.
Reference: http://online.securityfocus.com/advisories/4407
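
The boundary check error described in the advisory, shown as an added example that is not taken from the FreeBSD source or from signed-error.patch: a signed length that is only tested against an upper bound, next to a hardened check. The buffer size, the function names and the sample values are assumptions made for the illustration, and no out-of-bounds copy is performed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KBUF_SIZE 64            /* constructed buffer size (assumption) */

static char kbuf[KBUF_SIZE];    /* stands in for a fixed-size kernel buffer */

/* Flawed check (hypothetical): len is signed and only the upper
 * bound is tested, so the comparison is done on signed values. */
int accepts_flawed(int len)
{
    return !(len > KBUF_SIZE);  /* -1 > 64 is false, so -1 is accepted */
}

/* The length a copy routine taking size_t would then receive. */
size_t as_copy_length(int len)
{
    return (size_t)len;         /* -1 converts to SIZE_MAX */
}

/* Hardened check: reject negatives first, then compare as unsigned. */
int accepts_hardened(int len)
{
    return len >= 0 && (size_t)len <= sizeof(kbuf);
}

/* Copy guarded by the hardened check; returns bytes copied or -1. */
int copy_checked(const char *src, int len)
{
    if (!accepts_hardened(len))
        return -1;
    memcpy(kbuf, src, (size_t)len);
    return len;
}

int main(void)
{
    int samples[] = { 16, 64, 65, -1 };   /* constructed inputs */
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("len=%d flawed=%d hardened=%d copy_len=%zu\n", samples[i],
               accepts_flawed(samples[i]), accepts_hardened(samples[i]),
               as_copy_length(samples[i]));
    return 0;
}
```

Declaring length parameters as an unsigned type such as size_t removes the negative case entirely, leaving only the upper bound to check.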