Solaris lpset -r缓冲区溢出漏洞

漏洞信息详情

Solaris lpset -r缓冲区溢出漏洞

• CNNVD编号：CNNVD-200004-068
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0317
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2000-04-24
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  sun
• 漏洞来源：
  This vulnerability…

Solaris 7 lpset 存在缓冲区溢出漏洞，本地用户可以通过超长-r选项获得根用户权限。

Sun has made the following patches available from
http://sunsolve.sun.com/securitypatch:
SunOS 5.8 109320-01
SunOS 5.8_x86 109321-01
SunOS 5.7 107115-05
SunOS 5.7_x86 107115-05
SunOS 5.6 106235-06
SunOS 5.6_x86 106236-06
Checksums are available at: ftp://sunsolve.sun.com/pub/patches/CHECKSUMS
Removal of the setuid bit on the lpset executable will remove this problem. As this program is intended to only be runable by root, and members of the ‘sysadmin’ group (group14), removal of this bit should not have a significant impact.

来源: BID
名称: 1138
链接:http://www.securityfocus.com/bid/1138

来源: BUGTRAQ
名称: 20000424 Solaris 7 x86 lpset exploit.
链接:http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html

来源: BUGTRAQ
名称: 20000424 Solaris 7 x86 lpset exploit.
链接:http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html

来源: BUGTRAQ
名称: 20000427 Re: Solaris/SPARC 2.7 lpset exploit (well not likely !)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=95729763119559&w=2