Solaris Xsun缓冲区溢出漏洞

漏洞信息详情

Solaris Xsun缓冲区溢出漏洞

• CNNVD编号：CNNVD-200004-064
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0337
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2000-04-24
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  sun
• 漏洞来源：
  This vulnerability…

Solaris 7的Xsun X server存在缓冲区溢出漏洞，本地用户可以通过超长-dev参数获取根用户权限。

Patches have been made available on SunSolve for Solaris 8, sparc and x86. They are currently only for contract customers. Presumably, Solaris 7 patches are forthcoming, and will also be available at SunSolve. Due to the nature of this vulnerability, these patches should be made public shortly. Patches for this, and other vulnerabilities in Sun products are available at
http://sunsolve.sun.com
Removal of the setgid bit on the binary does not seem to have any noticeable negative effects, and will eliminate this vulnerability, on the Sparc platform. It will disable the ability of the Xserver to manage display power and adjust the priority of processes in the “IA” class (allowing the window in the foreground to have an elevated priority). Running under xdm, with the setgid bit removed, will re-enable this feature.
x86 users may find that they need Xsun to run as root in order to access the video device. In this case, a suitable solution is to remove the setuid bit, and launch X only via the dtlogin program, or xdm. dtconfig -e will enable this.
Sun Solaris 8_x86

• Sun 108653-08
  

Sun Solaris 8

• Sun 108652-08
  

Sun Solaris 7.0 _x86

• Sun 108377-07
  

Sun Solaris 7.0

• Sun 108376-08
  

来源: BID
名称: 1140
链接:http://www.securityfocus.com/bid/1140

来源: BUGTRAQ
名称: 20000424 Solaris x86 Xsun overflow.
链接:http://archives.neohapsis.com/archives/bugtraq/2000-04/0188.html