Linux Capabilities漏洞

漏洞信息详情

Linux Capabilities漏洞

• CNNVD编号：CNNVD-200006-051
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2000-0506
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2000-06-09
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2007-05-16
  
• 厂        商：
  
  linux
• 漏洞来源：
  Discovered by Wojc…

Linux 2.2.16之前版本中\”capabilities\”功能存在漏洞。本地用户通过设置capabilities阻止setuid程序降低权限daozhijjfw，又称为\”Linux kernel setuid/setcap vulnerability.\”

Upgrade to Linux kernel version 2.2.16pre6 which is patched.
Fixed packages for various linux distributions are available in the advisories linked to in the reference section of this vuldb entry.

来源: BUGTRAQ
名称: 20000609 Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000@alfa.elzabsoft.pl

来源: BID
名称: 1322
链接:http://www.securityfocus.com/bid/1322

来源: REDHAT
名称: RHSA-2000:037
链接:http://www.redhat.com/support/errata/RHSA-2000-037.html

来源: BUGTRAQ
名称: 20000608 CONECTIVA LINUX SECURITY ANNOUNCEMENT – kernel
链接:http://archives.neohapsis.com/archives/bugtraq/2000-06/0063.html

来源: BUGTRAQ
名称: 20000609 Trustix Security Advisory
链接:http://archives.neohapsis.com/archives/bugtraq/2000-06/0062.html

来源: SGI
名称: 20000802-01-P
链接:ftp://sgigate.sgi.com/security/20000802-01-P