
Buffer overflows in multiple Sun database functions


Published: 2003-06-19
Updated: 2003-06-20
Severity:
Threat level: privilege escalation
Error type: boundary check error
Exploitation method: server mode

BUGTRAQ ID:7991

Affected systems
Sun Solaris 2.6 _x86
Sun Solaris 2.6
Sun Solaris 7.0 _x86
Sun Solaris 7.0
Sun Solaris 8.0 _x86
Sun Solaris 8.0
Sun Solaris 9.0 _x86
Sun Solaris 9.0
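Detailed description
The Sun dbm_open(), ndbm(), dbm() and dbminit() library functions contain buffer overflows.

These libraries lack proper bounds checking when copying external data into internal memory buffers; excess data can trigger an overflow and corrupt sensitive information in memory.

For example, the library that Solaris Xsun links against is affected, which can lead to privilege escalation.

Test code
None yet

Solution
The relevant patches are as follows: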

SPARC Platform

Solaris 2.6 with patches 105210-47, 105377-06 and 105401-43 or later for each listed patch
Solaris 7 with patches 106541-22, 106942-26 and 106949-03 or later for each listed patch
Solaris 8 with patches 108827-24, 108993-16 and 109152-02 or later for each listed patch
Solaris 9 with patches 112874-01, 112922-02, 113319-10, 114569-02 and 114571-01 or later for each listed patch

x86 Platform

Solaris 2.6 with patches 105211-49 and 105402-43 or later for each listed patch
Solaris 7 with patches 106542-22 and 106943-26 or later for each listed patch
Solaris 8 with patches 108828-25, 108994-16 and 114617-01 or later for each listed patch
Solaris 9 with patches 113719-03, 114570-01 and 114715-01 or later for each listed patch
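
Checking a host against the patch levels above, as an added example that is not part of the original advisory: the function reads `showrev -p` style output on stdin and reports each listed patch that is absent or below the minimum revision. The name `missing_patches`, the `AWK` variable and the sample input are assumptions made here; the sample lines are constructed.

```shell
#!/bin/sh
# Added example: compare installed patch revisions with an advisory's minimums.
# stdin : `showrev -p` style lines ("Patch: 108827-20 Obsoletes: ...")
# args  : required patches as BASE-REV, copied from the advisory list
# Limitation: a fix delivered by a superseding patch with a different base ID
# (the Obsoletes: field) is not followed, so it is reported as missing.
# On Solaris set AWK=nawk (or /usr/xpg4/bin/awk); /usr/bin/awk is the legacy dialect.

missing_patches() {
    "${AWK:-awk}" -v required="$*" '
        BEGIN {
            n = split(required, req, " ")
            for (i = 1; i <= n; i++) {
                split(req[i], p, "-")
                order[i] = p[1]
                min[p[1]] = p[2] + 0
            }
        }
        # Keep the highest installed revision of each patch we care about.
        $1 == "Patch:" && $2 ~ /^[0-9]+-[0-9]+$/ {
            split($2, p, "-")
            if ((p[1] in min) && (!(p[1] in have) || p[2] + 0 > have[p[1]]))
                have[p[1]] = p[2] + 0
        }
        END {
            for (i = 1; i <= n; i++) {
                b = order[i]
                if (!(b in have))
                    printf "%s-%02d missing\n", b, min[b]
                else if (have[b] < min[b])
                    printf "%s-%02d installed=%02d\n", b, min[b], have[b]
            }
        }
    '
}

# Constructed sample input (not captured from a real host).
SAMPLE_SHOWREV='Patch: 108827-20 Obsoletes:  Requires:  Incompatibles:  Packages: PKGNAME
Patch: 108993-18 Obsoletes:  Requires:  Incompatibles:  Packages: PKGNAME
Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: PKGNAME'

# Solaris 8 SPARC minimums from the list above.
printf '%s\n' "$SAMPLE_SHOWREV" | missing_patches 108827-24 108993-16 109152-02
```

On a live host the input would come from `showrev -p` piped into `missing_patches` with the patch list for that release and platform; empty output means every listed patch is at or above its minimum.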

Related information
Reference: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55420