漏洞信息详情
GZip超长文件名缓冲区溢出漏洞
- CNNVD编号:CNNVD-200111-016
- 危害等级: 高危
![图片[1]-GZip超长文件名缓冲区溢出漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-11/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2001-1228
- 漏洞类型:
缓冲区溢出
- 发布时间:
2001-11-18
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
gnu - 漏洞来源:
This vulnerability… -
漏洞简介
gzip 1.3x,1.2.4及其其他版本存在缓冲区溢出漏洞。攻击者可以借助超长文件名执行代码,如果gzip运行在FTP服务器上该漏洞可能是远程的。
漏洞公告
The following patch has been offered by greg
— gzip.c Thu Aug 19 09:39:43 1993
+++ gzip-fix.c Sun Dec 30 13:57:44 2001
@@ -1006,7 +1006,7 @@
char *dot; /* pointer to ifname extension, or NULL */
#endif
– strcpy(ifname, iname);
+ strncpy(ifname, iname, sizeof(ifname) – 1);
/* If input file exists, return OK. */
if (do_stat(ifname, sbuf) == 0) return OK;
@@ -1683,7 +1683,7 @@
}
len = strlen(dir);
if (len + NLENGTH(dp) + 1 < MAX_PATH_LEN – 1) {
– strcpy(nbuf,dir);
+ strncpy(nbuf, dir, sizeof(nbuf) – 1);
if (len != 0 /* dir = “” means current dir on Amiga */
#ifdef PATH_SEP2
&& dir[len-1] != PATH_SEP2
Various vendor-supplied fixes have been made available.
GNU gzip 1.2.4
-
Debian 2.2 arm gzip_1.2.4-33.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/gzip_1
.2.4-33.1_arm.deb -
Debian 2.2 i386 gzip_1.2.4-33.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/gzip_
1.2.4-33.1_i386.deb -
Debian 2.2 m68k gzip_1.2.4-33.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/gzip_
1.2.4-33.1_m68k.deb -
Debian 2.2 ppc gzip_1.2.4-33.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gz
ip_1.2.4-33.1_powerpc.deb -
Debian 2.2 sparc gzip_1.2.4-33.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/gzip
_1.2.4-33.1_sparc.deb -
Mandrake gzip-1.2.4a-9.1mdk.i586.rpmfor Linux-Mandrake 7.2 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.2mdk.i586.rpmfor Linux-Mandrake 7.1 i586
http://www.mandrakesecure.net/en/ftp.php -
Sun 112668-01
http://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=112668&method=
f
GNU gzip 1.2.4 a
-
Mandrake gzip-1.2.4a-9.1mdk.i586.rpmfor Linux-Mandrake 7.2 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.1mdk.i586.rpmfor Mandrake Linux 8.0 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.1mdk.i586.rpmfor Mandrake Linux 8.1 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.1mdk.i586.rpmfor Single Network Firewall 7.2 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.1mdk.ia64.rpmfor Mandrake Linux 8.1 ia64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.1mdk.ppc.rpmfor Mandrake Linux 8.0 ppc
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.2mdk.i586.rpmfor Corporate Server 1.0.1 i586
http://www.mandrakesecure.net/en/ftp.php -
Mandrake gzip-1.2.4a-9.2mdk.i586.rpmfor Linux-Mandrake 7.1 i586
http://www.mandrakesecure.net/en/ftp.php -
Trustix gzip-1.2.4a-18tr.i586.rpmRelease 1.1
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/gzip-1.2.4a-18tr.i5
86.rpm -
Trustix gzip-1.2.4a-18tr.i586.rpmRelease 1.2
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/gzip-1.2.4a-18tr.i5
86.rpm -
Trustix gzip-1.2.4a-18tr.i586.rpmRelease 1.5
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/gzip-1.2.4a-18tr.i5
86.rpm -
Trustix gzip-doc-1.2.4a-18tr.i586.rpmRelease 1.1
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/gzip-doc-1.2.4a-18t
r.i586.rpm -
Trustix gzip-doc-1.2.4a-18tr.i586.rpmRelease 1.2
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/gzip-doc-1.2.4a-18t
r.i586.rpm -
Trustix gzip-doc-1.2.4a-18tr.i586.rpmRelease 1.5
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/gzip-doc-1.2.4a-18t
r.i586.rpm
参考网址
来源: BUGTRAQ
名称: 20011230 gzip bug w/ patch..
链接:http://online.securityfocus.com/archive/1/247717
来源: XF
名称: gzip-long-filename-bo(7882)
链接:http://www.iss.net/security_center/static/7882.php
来源: NETBSD
名称: NetBSD-SA2002-002
链接:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-002.txt.asc
来源: BID
名称: 3712
链接:http://www.securityfocus.com/bid/3712
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
