GNU make /tmp漏洞

漏洞信息详情

GNU make /tmp漏洞

• CNNVD编号：CNNVD-200002-002
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0151
  
• 漏洞类型：
  
  
  竞争条件
  
• 发布时间：
  
  2000-02-01
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  gnu
• 漏洞来源：
  This vulnerability…

从标准输入读取Makefile时，GNU make跟随符号链接。其他本地用户利用此漏洞可以执行命令。

Patches are available from SuSE at:
ftp://ftp.suse.com/pub/suse/i386/update for Intel processors
ftp://ftp.suse.com/pub/suse/axp/update for Alpha processors
or try the following web pages for a list of mirrors:
http://www.suse.de/ftp.html
http://www.suse.com/ftp_new.html
SuSE Patch page:
http://www.suse.de/patches/index.html
Patches are available from Debian. From their advisory:
http://security.debian.org/dists/stable/updates/source/make_3.77.orig.tar.gz
MD5Dum: b8264b1f8579d810a6de5db634aeafe4
http://security.debian.org/dists/stable/updates/source/make_3.77-5slink.diff.gz
MD5Dum: 4cf0016add45fb2bb1986cdcf3df4df2
http://security.debian.org/dists/stable/updates/source/make_3.77-5slink.dsc
MD5Dum: 351d1492a17cd4b38f522037a2714a86
Alpha architecture:
http://security.debian.org/dists/stable/updates/binary-alpha/make_3.77-5slink_alpha.deb
MD5Dum: a253a6d897edbc163595dbedefbfd8bc
Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/binary-i386/make_3.77-5slink_i386.deb
MD5Dum: 78367bf9f0d309d732eaa57bc9008462
Motorola 680×0 architecture:
http://security.debian.org/dists/stable/updates/binary-m68k/make_3.77-5slink_m68k.deb
MD5Dum: 678955fdde1a099db1ac7719e7026cbc
Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/binary-sparc/make_3.77-5slink_sparc.deb
MD5Dum: 87b8ff54ca2f9c1113349da5cf591331
Architecture independent archive (for completeness):
http://security.debian.org/dists/stable/updates/binary-all/make-doc_3.77-5slink_all.deb
MD5Dum: cb63706913f8202c52ead1031a8494dc

来源: BID
名称: 981
链接:http://www.securityfocus.com/bid/981