Vixie Cron缓冲器溢出漏洞

漏洞信息详情

Vixie Cron缓冲器溢出漏洞

• CNNVD编号：CNNVD-199908-050
• 危害等级： 高危
  
  
• CVE编号：
  CVE-1999-0768
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  1999-08-25
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  redhat
• 漏洞来源：
  First exposed in R…

基于Red Hat系统的Vixie Cron存在缓冲区溢出漏洞。可以借助MAILTO环境变量导致该漏洞。

Red Hat Linux 4.2:
Intel:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/i386/vixie-cron-3.0.1-36.4.2.i386.rpm
Alpha:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/alpha/vixie-cron-3.0.1-36.4.2.alpha.rpm
Sparc:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/sparc/vixie-cron-3.0.1-36.4.2.sparc.rpm
Source packages:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/4.2/SRPMS/vixie-cron-3.0.1-36.4.2.src.rpm
Red Hat Linux 5.2:
Intel:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/i386/vixie-cron-3.0.1-36.5.2.i386.rpm
Alpha:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/alpha/vixie-cron-3.0.1-36.5.2.alpha.rpm
Sparc:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/sparc/vixie-cron-3.0.1-36.5.2.sparc.rpm
Source packages:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/5.2/SRPMS/vixie-cron-3.0.1-36.5.2.src.rpm
Red Hat Linux 6.0:
Intel:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/i386/vixie-cron-3.0.1-37.i386.rpm
Alpha:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/alpha/vixie-cron-3.0.1-37.alpha.rpm
Sparc:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/sparc/vixie-cron-3.0.1-37.sparc.rpm
Source packages:
rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/SRPMS/vixie-cron-3.0.1-37.src.rpm
For each RPM for your particular architecture, run:
rpm -Uvh
where filename is the name of the RPM.

来源: BID
名称: 602
链接:http://www.securityfocus.com/bid/602