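Vulnerability Details
Multiple Vendor dump Insecure Environment Variable Vulnerability
- CNNVD ID: CNNVD-200012-058
- Severity: High
- CVE ID: CVE-2000-1009
- Vulnerability type: Input validation
- Published: 2000-12-11
- Threat type: Local
- Updated: 2005-10-20
- Vendor: redhat
- Source: This vulnerability…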
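Vulnerability Summary
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environment variable. A local user can gain root privileges by modifying the RSH variable to point to a Trojan horse program.
Vulnerability Advisory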
Patches available:
RedHat dump 0.4 b15-1
- Red Hat Inc. 5.2 alpha dump-0.4b19-5.5x.alpha.rpm
  ftp://updates.redhat.com/5.2/alpha/dump-0.4b19-5.5x.alpha.rpm
- Red Hat Inc. 5.2 alpha dump-static-0.4b19-5.5x.alpha.rpm
  http://www.securityfocus.com/external/ftp://updates.redhat.com/5.2/alpha/dump-static-0.4b19-5.5x.alpha.rpm
- Red Hat Inc. 5.2 alpha rmt-0.4b19-5.5x.alpha.rpm
  ftp://updates.redhat.com/5.2/alpha/rmt-0.4b19-5.5x.alpha
- Red Hat Inc. 5.2 i386 dump-0.4b19-5.5x.i386.rpm
  ftp://updates.redhat.com/5.2/i386/dump-0.4b19-5.5x.i386.rpm
- Red Hat Inc. 5.2 i386 dump-static-0.4b19-5.5x.i386.rpm
  ftp://updates.redhat.com/5.2/i386/dump-static-0.4b19-5.5x.i386.rpm
- Red Hat Inc. 5.2 i386 rmt-0.4b19-5.5x.i386.rpm
  ftp://updates.redhat.com/5.2/i386/rmt-0.4b19-5.5x.i386.rpm
- Red Hat Inc. 5.2 source dump-0.4b19-5.5x.src.rpm
  ftp://updates.redhat.com/5.2/SRPMS/dump-0.4b19-5.5x.src.rpm
- Red Hat Inc. 5.2 sparc dump-0.4b19-5.5x.sparc.rpm
  ftp://updates.redhat.com/5.2/sparc/dump-0.4b19-5.5x.sparc.rpm
- Red Hat Inc. 5.2 sparc dump-static-0.4b19-5.5x.sparc.rpm
  ftp://updates.redhat.com/5.2/sparc/dump-static-0.4b19-5.5x.sparc.rpm
- Red Hat Inc. 5.2 sparc rmt-0.4b19-5.5x.sparc.rpm
  ftp://updates.redhat.com/5.2/sparc/rmt-0.4b19-5.5x.sparc.rpm
- Red Hat Inc. 6.2 alpha dump-0.4b19-5.6x.alpha.rpm
  ftp://updates.redhat.com/6.2/alpha/dump-0.4b19-5.6x.alpha.rpm
- Red Hat Inc. 6.2 alpha dump-static-0.4b19-5.6x.alpha.rpm
  ftp://updates.redhat.com/6.2/alpha/dump-static-0.4b19-5.6x.alpha.rpm
- Red Hat Inc. 6.2 alpha rmt-0.4b19-5.6x.alpha.rpm
  ftp://updates.redhat.com/6.2/alpha/rmt-0.4b19-5.6x.alpha.rpm
- Red Hat Inc. 6.2 i386 dump-0.4b19-5.6x.i386.rpm
  ftp://updates.redhat.com/6.2/i386/dump-0.4b19-5.6x.i386.rpm
- Red Hat Inc. 6.2 i386 dump-static-0.4b19-5.6x.i386.rpm
  ftp://updates.redhat.com/6.2/i386/dump-static-0.4b19-5.6x.i386.rpm
- Red Hat Inc. 6.2 i386 rmt-0.4b19-5.6x.i386.rpm
  ftp://updates.redhat.com/6.2/i386/rmt-0.4b19-5.6x.i386.rpm
- Red Hat Inc. 6.2 source dump-0.4b19-5.6x.src.rpm
  ftp://updates.redhat.com/6.2/SRPMS/dump-0.4b19-5.6x.src.rpm
- Red Hat Inc. 6.2 sparc dump-0.4b19-5.6x.sparc.rpm
  ftp://updates.redhat.com/6.2/sparc/dump-0.4b19-5.6x.sparc.rpm
- Red Hat Inc. 6.2 sparc dump-static-0.4b19-5.6x.sparc.rpm
  ftp://updates.redhat.com/6.2/sparc/dump-static-0.4b19-5.6x.sparc.rpm
- Red Hat Inc. 6.2 sparc rmt-0.4b19-5.6x.sparc.rpm
  ftp://updates.redhat.com/6.2/sparc/rmt-0.4b19-5.6x.sparc.rpm
NetBSD NetBSD 1.5
- NetBSD SA2001-014-dump-1.5.patch
  ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-014-dump-1.5.patch
NetBSD NetBSD 1.5.1
- NetBSD SA2001-014-dump-1.5.patch
  ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2001-014-dump-1.5.patch
Wirex Immunix OS 6.2
- Wirex 6.2 i386 dump-0.4b19-5.6x_StackGuard.i386.rpm
  http://immunix.org/ImmunixOS/6.2/updates/RPMS/dump-0.4b19-5.6x_StackGuard.i386.rpm
References
Source: BID
Name: 1871
Link: http://www.securityfocus.com/bid/1871
Source: XF
Name: linux-dump-execute-code
Link: http://xforce.iss.net/static/5437.php
Source: BUGTRAQ
Name: 20001030 Redhat 6.2 dump command executes external program with suid priviledge.
Link: http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html
Affected Entities