xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

Mozilla Bonsai参数页面未授权访问漏洞


发布时间:2003-03-21
更新时间:2003-03-21
严重程度:
威胁程度:读取受限文件
错误类型:访问验证错误
利用方式:服务器模式

BUGTRAQ ID:7163
CVE(CAN) ID:CAN-2003-0155

受影响系统
Mozilla Bonsai 1.3
   +Debian Linux 3.0
   +Debian Linux 3.0 alpha
   +Debian Linux 3.0 arm
   +Debian Linux 3.0 hppa
   +Debian Linux 3.0 ia-32
   +Debian Linux 3.0 ia-64
   +Debian Linux 3.0 m68k
   +Debian Linux 3.0 mips
   +Debian Linux 3.0 mipsel
   +Debian Linux 3.0 ppc
   +Debian Linux 3.0 s/390
   +Debian Linux 3.0 sparc
详细描述
Mozilla Bonsai存在一个漏洞,远程攻击者可以无需授权访问参数页面。

目前还没有该漏洞的详细信息。

解决方案
Source archives:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1.dsc
Size/MD5 checksum:      675 55a326a22076c5eb4ae06b9f45040ca0
http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1.diff.gz
Size/MD5 checksum:    53566 d168b5366401692756ad7d6260ca2f74
http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224.orig.tar.gz
Size/MD5 checksum:   150238 5dea945aa87188e1dda4f9e5a285808c

Alpha architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_alpha.deb
Size/MD5 checksum:   154504 fcb8ac72eece822427c7510ced4e21c4

ARM architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_arm.deb
Size/MD5 checksum:   154020 f2adb4988192cb84344c3473b8402a21

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_i386.deb
Size/MD5 checksum:   154122 c2b39dfcfc33c3752afcb744323a91a2

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_ia64.deb
Size/MD5 checksum:   155282 a5cc11db973bdb952528330125dadc71

HP Precision architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_hppa.deb
Size/MD5 checksum:   154590 f69e416af4e3ba0164084283584eb083

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_m68k.deb
Size/MD5 checksum:   154054 f4126c21a9e5283806f02a7f43d4e7cf

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_mips.deb
Size/MD5 checksum:   154590 a3368e19dbc46fad391a198df2af9526

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_mipsel.deb
Size/MD5 checksum:   154614 dd7f9cbe92c2f9825bd91e3ebfad250e

PowerPC architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_powerpc.deb
Size/MD5 checksum:   154024 f8702f4c9471ebdd56c9f858b1d0c10e

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_s390.deb
Size/MD5 checksum:   154540 fb6c638075c196104c7f445a65f1ac9c

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_sparc.deb
Size/MD5 checksum:   158044 1d81d6c62382a6f78b7c3a11ea668ae1

相关信息
报告:Debian Security Advisory
相关资料:http://online.securityfocus.com/advisories/5149
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved