IRIX ‘netprint’ 任意共享库使用漏洞

漏洞信息详情

IRIX ‘netprint’ 任意共享库使用漏洞

• CNNVD编号：CNNVD-200106-145
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2001-0485
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2001-06-27
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-05-13
  
• 厂        商：
  
  sgi
• 漏洞来源：
  First posted to Bu…

IRIX 6.2和可能其他的版本的netprint存在未知漏洞。本地用户和lp特权攻击者借助-n选项执行任意命令。

SGI contacted Security Focus and confirmed that this vulnerability exists and has filed it as Bug 822323. The status of this bug can be tracked from the SGI support site, linked to in the reference section of this vulnerability. A security advisory will be released when fixes are ready.
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
SGI IRIX 6.5.12 f
@securityfocus.com>

• SGI 4311
  ftp://patches.sgi.com/support/free/security/patches/

SGI IRIX 6.5.12 m

• SGI 4310
  ftp://patches.sgi.com/support/free/security/patches/

来源: BID
名称: 2656
链接:http://www.securityfocus.com/bid/2656

来源: XF
名称: irix-netprint-shared-library(6473)
链接:http://xforce.iss.net/xforce/xfdb/6473

来源: BUGTRAQ
名称: 20010426 IRIX /usr/lib/print/netprint local root symbols exploit.
链接:http://archives.neohapsis.com/archives/bugtraq/2001-04/0475.html

来源: OSVDB
名称: 8571
链接:http://www.osvdb.org/8571

来源: BUGTRAQ
名称: 20010427 Re: IRIX /usr/lib/print/netprint local root symbols exploit.
链接:http://archives.neohapsis.com/archives/bugtraq/2001-04/0502.html

来源: SGI
名称: 20010701-01-P
链接:ftp://patches.sgi.com/support/free/security/advisories/20010701-01-P