漏洞信息详情
libgtop_daemon远程格式化字符串漏洞
- CNNVD编号:CNNVD-200111-043
- 危害等级: 高危
![图片[1]-libgtop_daemon远程格式化字符串漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-11/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2001-0928
- 漏洞类型:
边界条件错误
- 发布时间:
2001-11-28
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
gnome - 漏洞来源:
Beno?t Roussel※ be… -
漏洞简介
libgtop_daemon是GNOME的一个守护程序,用来监视服务器上运行的进程。
该守护程序存在一个格式串漏洞,可能导致远程攻击者以普通用户的权限在主机上执行任意指令。
该守护程序的两个函数syslog_message()和syslog_io_message()调用了格式化字符串,而这些格式化字符串是由客户端初始化的。因此,通过精心构造一个特殊的格式化字符串,可能允许远程攻击者执行任意代码。由于该守护程序以nobody身份运行,因此攻击者将获得nobody权限。
漏洞公告
临时解决方法:
如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* 暂时停止运行该守护程序。
* 手工修改”src/daemon/gnuserv.c”如下:
在函数syslog_message()中,将
syslog (priority, buffer);
换为:
syslog (priority, “%s”, buffer);
在函数syslog_io_message(),将
syslog (priority, buffer2);
换为:
syslog (priority, “%s”, buffer2);
重新编译程序。
厂商补丁:
Conectiva
———
Conectiva已经为此发布了一个安全公告(CLA-2002:448)以及相应补丁:
CLA-2002:448:libgtop vulnerabilities
链接:
补丁下载:
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/libgtop-1.0.13-U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/libgtop-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/libgtop-devel-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/libgtop-devel-static-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/libgtop-examples-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/libgtop-1.0.13-U51_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/libgtop-1.0.13-U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/libgtop-devel-1.0.13-U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/libgtop-devel-static-1.0.13-U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/libgtop-examples-1.0.13-U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/libgtop-1.0.13-U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libgtop-1.0.13-U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libgtop-devel-1.0.13-U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libgtop-devel-static-1.0.13-U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/libgtop-examples-1.0.13-U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/libgtop-1.0.13-U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgtop-1.0.13-U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgtop-devel-1.0.13-U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgtop-devel-static-1.0.13-U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/libgtop-examples-1.0.13-U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/libgtop-1.0.13-U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/libgtop-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/libgtop-devel-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/libgtop-1.0.13-U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/libgtop-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/libgtop-devel-1.0.13-U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/libgtop-examples-1.0.13-U50_2cl.i386.rpm
Debian
——
Debian已经为此发布了一个安全公告(DSA-098-1)以及相应补丁:
DSA-098-1:libgtop: format string vulnerability and buffer overflow
链接:http://www.debian.org/security/2002/dsa-098” target=”_blank”>
http://www.debian.org/security/2002/dsa-098
补丁下载:
Debian GNU/Linux 2.2 alias potato
– ———————————
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6-1.1.diff.gz” target=”_blank”>
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6-1.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6-1.1.dsc” target=”_blank”>
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6-1.1.dsc
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6.orig.tar.gz” target=”_blank”>
http://security.debian.org/dists/stable/updates/main/source/libgtop_1.0.6.orig.tar.gz
Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgtop-daemon_1.0.6-1.1_alpha.deb” target=”_blank”>
http://security.debian.org/dists/stable/updates/main/binary-alpha
参考网址
来源:US-CERT Vulnerability Note: VU#705771
名称: VU#705771
链接:http://www.kb.cert.org/vuls/id/705771
来源: DEBIAN
名称: DSA-301
链接:http://www.debian.org/security/2003/dsa-301
来源: DEBIAN
名称: DSA-098
链接:http://www.debian.org/security/2002/dsa-098
来源: BID
名称: 3594
链接:http://www.securityfocus.com/bid/3594
来源: BUGTRAQ
名称: 20011128 Re: [CERT-intexxia] libgtop_daemon Remote Format String Vulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100699007010203&w=2
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
