Majordomo Local resend Vulnerability

Vulnerability Details

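Vulnerability Summary

A vulnerability exists in the resend command in Majordomo that allows local users to gain privileges via shell metacharacters.

Vulnerability Advisory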

Perl programmers are advised to use sysopen() as opposed to open() for security reasons.
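The sysopen() advice above, as an added example that is not code from Majordomo or from the patch: a hypothetical helper, `slurp_arg_file`, reads an `@file` argument with an explicit mode so that metacharacters in the name stay part of the path. The helper name, the temporary file path and the sample arguments are constructed for illustration, and the sample names are assumed not to exist in the current directory.

```perl
#!/usr/bin/perl
# Added example: read an "@file" argument so that the name is always
# treated as a literal path, never as a mode or a command.
use strict;
use warnings;
use Fcntl qw(O_RDONLY);          # supplies the O_RDONLY constant for sysopen()

# slurp_arg_file() is a hypothetical helper, not a Majordomo function.
# Returns (contents, undef) on success or (undef, error string) on failure.
sub slurp_arg_file {
    my ($arg) = @_;
    (my $fn = $arg) =~ s/^\@//;  # strip the leading "@" marker

    # sysopen() takes the mode as a separate argument, so "|", "<" or ">"
    # in $fn are looked up as part of the file name.
    sysopen(my $fh, $fn, O_RDONLY)
        or return (undef, "sysopen(\"$fn\", O_RDONLY): $!");

    local $/;                    # slurp mode, restored when the sub returns
    my $data = <$fh>;
    close($fh);
    return (defined $data ? $data : '', undef);
}

# Constructed sample input: one real file plus names carrying metacharacters.
my $ok = "/tmp/resend-demo.$$";
open(my $out, '>', $ok) or die "cannot create $ok: $!";  # 3-arg open: explicit mode
print {$out} "-l demo-list\n";
close($out);

for my $arg ("\@$ok", "\@|example", "\@example|", "\@>example") {
    my ($data, $err) = slurp_arg_file($arg);
    printf "%-32s => %s\n", $arg,
        defined $err ? "rejected: $err" : "read " . length($data) . " bytes";
}
unlink($ok);
```

The first argument is read normally; the other three fail with a "No such file or directory" error because each is looked up as a literal file name.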
A patch submitted by “Todd C. Miller” to Bugtraq on December 29, 1999 is listed below:
— resend Thu Aug 19 10:12:03 1999
+++ resend+ Tue Dec 28 23:55:39 1999
@@ -58,7 +58,7 @@
if ($ARGV[0] =~ /^\@/) {
$fn = shift(@ARGV);
$fn =~ s/^@//;
– open(AV, $fn) || die(“open(AV, \”$fn\”): $!\nStopped”);
+ sysopen(AV, $fn, O_RDONLY) || die(“sysopen(AV, \”$fn\”, O_RDONLY): $!\nStopped”);
undef($/); # set input field separator
$av = ; # read whole file into string
close(AV);
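Review bot: the added `sysopen(AV, $fn, O_RDONLY)` line depends on the `O_RDONLY` constant, and nothing in this hunk loads it. Check that resend already has `use Fcntl;` near the top and, if it does not, add it in the same patch; without the import the mode argument is a bareword rather than the Fcntl constant, and the script will not compile under `use strict`.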
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

References

Source: BID
Name: 902
Link: http://www.securityfocus.com/bid/902

Source: BUGTRAQ
Name: 20000113 Info on some security holes reported against SCO Unixware.
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=94780294009285&w=2
