Solaris snoop (print_domain_name)缓冲区溢出漏洞

漏洞信息详情

Solaris snoop (print_domain_name)缓冲区溢出漏洞

• CNNVD编号：CNNVD-199912-035
• 危害等级： 超危
  
  
• CVE编号：
  CVE-1999-0973
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  1999-12-07
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  sun
• 漏洞来源：
  First exposed in a…

Solaris的snoop程序存在缓冲区溢出漏洞。远程攻击者借助使用snoop冗长模式下的长域名可以获得root权限。

A temporary solution is to not run snoop. A good libpcap based alternative is tcpdump, which is available in the tools section of Security-Focus.com.
A bug report exists in the Sunsolve databases, but there has been no patch issued.
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

来源: BID
名称: 858
链接:http://www.securityfocus.com/bid/858