Vulnerability details
Rxvt local buffer overflow vulnerability
- CNNVD ID: CNNVD-200106-065
- Severity: Medium
- CVE ID: CVE-2001-1077
- Vulnerability type: boundary condition error
- Published: 2001-06-15
- Threat type: local
- Updated: 2005-10-20
- Vendor: rxvt
- Vulnerability source: -
Vulnerability summary
CVE(CAN) ID: CAN-2001-1077
Rxvt is a colour VT102 terminal emulator that can be used as a replacement for xterm.
rxvt contains a buffer overflow. Passing an overly long argument to certain command-line options ("-T" or "-name") triggers the overflow. On some systems rxvt is installed setgid utmp, so a local attacker could use this vulnerability to gain the privileges of the utmp group.
The vulnerable code is in the tt_printf() function:
    #include <stdarg.h>
    #include <stdio.h>
    #include <string.h>

    void
    tt_printf(const char *fmt, ...)
    {
        int i;                      /* unused in this excerpt */
        va_list arg_ptr;
        unsigned char buf[256];     /* fixed-size stack buffer */

        va_start(arg_ptr, fmt);
        vsprintf(buf, fmt, arg_ptr); /* no length bound: an argument longer than buf overruns the stack */
        va_end(arg_ptr);
        tt_write(buf, strlen(buf));
    }
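As an added example (not rxvt's code and not the Debian patch), a hardened form of tt_printf() that bounds the write with vsnprintf() and refuses to send a message that does not fit the 256-byte buffer. It assumes a stand-in tt_write() that records what would have reached the pty, so the block runs on its own.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for rxvt's tt_write() (assumption: the real one writes to the
   pty); it records the last message so a caller can inspect it. */
static unsigned char last_out[256];
static size_t last_len;

static void tt_write(const unsigned char *buf, size_t len)
{
    if (len > sizeof last_out)
        len = sizeof last_out;
    memcpy(last_out, buf, len);
    last_len = len;
}

/* Hardened tt_printf(): vsnprintf() never writes past sizeof buf, so an
   over-long "-T"/"-name" value cannot overrun the stack. A message that
   would not fit is dropped, not truncated, since a cut-off escape
   sequence would leave the pty mid-sequence. Returns bytes handed to
   tt_write(), or -1 if nothing was sent (format error or too long). */
int tt_printf_safe(const char *fmt, ...)
{
    unsigned char buf[256];
    va_list arg_ptr;
    int n;

    va_start(arg_ptr, fmt);
    n = vsnprintf((char *)buf, sizeof buf, fmt, arg_ptr);
    va_end(arg_ptr);

    if (n < 0 || (size_t)n >= sizeof buf)
        return -1;          /* would need n+1 > 256 bytes */
    tt_write(buf, (size_t)n);
    return n;
}

/* Length of the last message that reached the stand-in tt_write(). */
size_t tt_last_len(void) { return last_len; }

/* Constructed sample input: a 599-byte argument, longer than buf, of the
   kind the original vsprintf() call would overflow on. */
const char *oversized_arg(void)
{
    static char big[600];
    memset(big, 'A', sizeof big - 1);   /* big[599] stays '\0' */
    return big;
}
```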
Advisory
Temporary workaround:
We recommend temporarily removing the setuid/setgid bit from rxvt:
# chmod a-s rxvt
Vendor patches:
Debian Linux (http://www.debian.org/security/) has released a security advisory for this issue:
DSA-062-1 rxvt: buffer overflow
http://www.debian.org/security/2001/dsa-062
Patch download:
________________________________________________________________________
Debian GNU/Linux 2.2 (potato)
Source:
http://security.debian.org/dists/stable/updates/main/source/rxvt_2.6.2-2.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/rxvt_2.6.2-2.1.dsc
http://security.debian.org/dists/stable/updates/main/source/rxvt_2.6.2.orig.tar.gz
Alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/rxvt-ml_2.6.2-2.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/rxvt_2.6.2-2.1_alpha.deb
ARM:
http://security.debian.org/dists/stable/updates/main/binary-arm/rxvt-ml_2.6.2-2.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/rxvt_2.6.2-2.1_arm.deb
Intel IA-32:
http://security.debian.org/dists/stable/updates/main/binary-i386/rxvt-ml_2.6.2-2.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/rxvt_2.6.2-2.1_i386.deb
Motorola 680x0:
http://security.debian.org/dists/stable/updates/main/binary-m68k/rxvt-ml_2.6.2-2.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/rxvt_2.6.2-2.1_m68k.deb
PowerPC:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/rxvt-ml_2.6.2-2.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/rxvt_2.6.2-2.1_powerpc.deb
Sun Sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/rxvt-ml_2.6.2-2.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/rxvt_2.6.2-2.1_sparc.deb
________________________________________________________________________
References
Source: XF
Name: rxvt-ttprintf-bo(6701)
Link: http://xforce.iss.net/static/6701.php
Source: BUGTRAQ
Name: 20010615 Rxvt vulnerability
Link: http://www.securityfocus.com/archive/1/191510
Source: DEBIAN
Name: DSA-062
Link: http://www.debian.org/security/2001/dsa-062
Source: IMMUNIX
Name: IMNX-2001-70-028-01
Link: http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-028-01
Source: MANDRAKE
Name: MDKSA-2001:060
Link: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-060.php
Source: BID
Name: 2878
Link: http://www.securityfocus.com/bid/2878