nvi 格式化字符串漏洞

漏洞信息详情

nvi 格式化字符串漏洞

• CNNVD编号：CNNVD-200112-167
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2001-1562
  
• 漏洞类型：
  
  
  格式化字符串
  
• 发布时间：
  
  2001-12-31
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2006-01-27
  
• 厂        商：
  
  bsd
• 漏洞来源：
  This vulnerability…

nvi 1.79之前的版本存在格式化字符串漏洞。本地用户通过在文件名中的格式化字符串说明符获取特权。

Upgrades are available.
BSD nvi 1.79

• Debian 2.2 alpha nvi-m17n-canna_1.79+19991117-2.3_alpha.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-alpha/nvi-
  m17n-canna_1.79+19991117-2.3_alpha.deb
• Debian 2.2 alpha nvi-m17n_1.79+19991117-2.3_alpha.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-alpha/nvi-
  m17n_1.79+19991117-2.3_alpha.deb
• Debian 2.2 alpha nvi_1.79-16a.1_alpha.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-alpha/nvi_
  1.79-16a.1_alpha.deb
• Debian 2.2 arm nvi-m17n-canna_1.79+19991117-2.3_arm.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-arm/nvi-m1
  7n-canna_1.79+19991117-2.3_arm.deb
• Debian 2.2 arm nvi-m17n_1.79+19991117-2.3_arm.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-arm/nvi-m1
  7n_1.79+19991117-2.3_arm.deb
• Debian 2.2 arm nvi_1.79-16a.1_arm.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-arm/nvi_1.
  79-16a.1_arm.deb
• Debian 2.2 i386 nvi-m17n-canna_1.79+19991117-2.3_i386.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-i386/nvi-m
  17n-canna_1.79+19991117-2.3_i386.deb
• Debian 2.2 i386 nvi-m17n_1.79+19991117-2.3_i386.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-i386/nvi-m
  17n_1.79+19991117-2.3_i386.deb
• Debian 2.2 i386 nvi_1.79-16a.1_i386.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-i386/nvi_1
  .79-16a.1_i386.deb
• Debian 2.2 m68k nvi-m17n-canna_1.79+19991117-2.3_m68k.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-m68k/nvi-m
  17n-canna_1.79+19991117-2.3_m68k.deb
• Debian 2.2 m68k nvi-m17n_1.79+19991117-2.3_m68k.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-m68k/nvi-m
  17n_1.79+19991117-2.3_m68k.deb
• Debian 2.2 m68k nvi_1.79-16a.1_m68k.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-m68k/nvi_1
  .79-16a.1_m68k.deb
• Debian 2.2 noarch nvi-m17n-common_1.79+19991117-2.3_all.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-all/nvi-m1
  7n-common_1.79+19991117-2.3_all.deb
• Debian 2.2 ppc nvi-m17n-canna_1.79+19991117-2.3_powerpc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/nv
  i-m17n-canna_1.79+19991117-2.3_powerpc.deb
• Debian 2.2 ppc nvi-m17n_1.79+19991117-2.3_powerpc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/nv
  i-m17n_1.79+19991117-2.3_powerpc.deb
• Debian 2.2 ppc nvi_1.79-16a.1_powerpc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/nv
  i_1.79-16a.1_powerpc.deb
• Debian 2.2 sparc nvi-m17n-canna_1.79+19991117-2.3_sparc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-sparc/nvi-
  m17n-canna_1.79+19991117-2.3_sparc.deb
• Debian 2.2 sparc nvi-m17n_1.79+19991117-2.3_sparc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-sparc/nvi-
  m17n_1.79+19991117-2.3_sparc.deb
• Debian 2.2 sparc nvi_1.79-16a.1_sparc.deb
  
  http://security.debian.org/dists/stable/updates/main/binary-sparc/nvi_
  1.79-16a.1_sparc.deb

来源: DEBIAN
名称: DSA-085
链接:http://www.debian.org/security/2001/dsa-085

来源: SUSE
名称: SuSE-SA:2001:040
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100526142205694&w=2

来源: BID
名称: 3456
链接:http://www.securityfocus.com/bid/3456

来源: XF
名称: nvi-format-string(7317)
链接:http://www.iss.net/security_center/static/7317.php

来源: SUSE
名称: SuSE-SA:2001:040
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100526142205694&w=2