HP Tru64 _XKB_CHARSET 本地缓冲区溢出漏洞-一一网

漏洞信息详情

HP Tru64 UNIX 5.1a，5.1，5.0a，4.0g，和4.0f版本存在缓冲区溢出漏洞。攻击者借助到(1)dxpause，(2)dxconsole，或者(3)dtsession的超长_XKB_CHARSET环境变量执行任意代码。

HP has released fixes for Tru64 UNIX/TruCluster systems. Note that appropriate patchkits must be applied.
Compaq Tru64 4.0 g PK3 (BL17)

Compaq Tru64 4.0 f PK7 (BL18)

Compaq Tru64 5.0 a PK3 (BL17)

Compaq Tru64 5.1 a PK2 (BL2)

Compaq Tru64 5.1 PK5 (BL19)

来源:US-CERT Vulnerability Note: VU#693803
名称: VU#693803
链接:http://www.kb.cert.org/vuls/id/693803

来源:US-CERT Vulnerability Note: VU#584243
名称: VU#584243
链接:http://www.kb.cert.org/vuls/id/584243

来源:US-CERT Vulnerability Note: VU#569987
名称: VU#569987
链接:http://www.kb.cert.org/vuls/id/569987

来源: XF
名称: tru64-multiple-binaries-bo(10016)
链接:http://xforce.iss.net/xforce/xfdb/10016

来源: BUGTRAQ
名称: 20020902 Happy Labor Day from Snosoft
链接:http://www.securityfocus.com/archive/1/290115

来源: www.blacksheepnetworks.com
链接:http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txt

来源: FULLDISC
名称: 20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification
链接:http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html

来源: HP
名称: SSRT2275
链接:http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11

文章版权归作者所有，未经允许请勿转载。

THE END