Sun Solaris Volume Manager Local Buffer Overflow Vulnerability

Vulnerability Details

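Vulnerability Summary

Solaris is a Unix-like operating system developed and maintained by Sun. Solaris Volume Manager is the disk partition management tool on Solaris.
The Solaris Volume Manager implementation contains a buffer overflow vulnerability that a local attacker may exploit to execute arbitrary commands on the host with root privileges.
Under certain conditions a buffer overflow can occur in Solaris Volume Manager, and a local user may exploit it through an overflow attack to execute arbitrary commands with the privileges of the Solaris Volume Manager daemon (usually root).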

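Vulnerability Advisory

Temporary workaround:
If you cannot install the patch or upgrade immediately, CNNVD recommends taking the following measures to reduce the risk:

* Stop the vold daemon and modify the startup script so that it does not start automatically after a system reboot. This can be done with the following commands:

# /etc/init.d/volmgt stop

# mv /etc/rc2.d/S92volmgt /etc/rc2.d/volmgtS92_DISABLED

Vendor patch:
Sun

The vendor has released patches that fix this security issue; download them from the vendor's site: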

SPARC

Solaris 2.5.1 with patch 104010-02 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=104010&rev=02

Solaris 2.6 with patch 107618-04 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107618&rev=04

Solaris 7 with patch 107259-04 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107259&rev=04

Solaris 8 with patch 108968-07 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108968&rev=07

Intel

Solaris 2.5.1 with patch 104011-02 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=104011&rev=02

Solaris 2.6 with patch 107619-04 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107619&rev=04

Solaris 7 with patch 107260-04 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107260&rev=04

Solaris 8 with patch 108969-07 or later
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108969&rev=07
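
The patch list and the workaround above can be audited on a host with a short script. This is an added example, not part of the original advisory or vendor tooling; the function names are hypothetical, and it assumes `showrev -p` lines of the form `Patch: <id>-<rev> ...` and that Solaris 2.5.1, 2.6, 7 and 8 report `uname -r` as 5.5.1, 5.6, 5.7 and 5.8.

```shell
#!/bin/sh
# Added example: audit a Solaris host against this advisory's vold fixes.
# Function names are hypothetical. On Solaris, set AWK=nawk
# (the old /usr/bin/awk lacks -v).
AWK=${AWK:-awk}

# arch (uname -p), release (uname -r), patch id, minimum fixed revision,
# copied from the vendor patch list in the advisory.
VOLD_PATCHES='sparc 5.5.1 104010 02
sparc 5.6 107618 04
sparc 5.7 107259 04
sparc 5.8 108968 07
i386 5.5.1 104011 02
i386 5.6 107619 04
i386 5.7 107260 04
i386 5.8 108969 07'

# Reads `showrev -p` output on stdin.
# Prints patched / missing / not-listed; returns 0 / 1 / 2.
vold_patch_status() {
    want=$(printf '%s\n' "$VOLD_PATCHES" |
        "$AWK" -v a="$1" -v r="$2" '$1 == a && $2 == r { print $3, $4 }')
    [ -n "$want" ] || { echo not-listed; return 2; }
    set -- $want    # $1 = patch id, $2 = minimum revision
    "$AWK" -v id="$1" -v min="$2" '
        $1 == "Patch:" {
            split($2, p, "-")
            # keep the highest installed revision of the wanted patch
            if (p[1] == id && p[2] + 0 > best) best = p[2] + 0
        }
        END {
            if (best >= min + 0) { print "patched"; exit 0 }
            print "missing"; exit 1
        }'
}

# True if the init script that the workaround renames is still in place.
vold_autostart_enabled() {
    [ -e "${1:-/etc/rc2.d}/S92volmgt" ]
}

# Typical use on the host itself:
#   showrev -p | vold_patch_status "$(uname -p)" "$(uname -r)"
#   vold_autostart_enabled && echo "vold will start at next boot"
```

The check matches only the patch IDs listed in the advisory, so a later patch that obsoletes one of them is reported as missing and needs a manual look.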

References

Source: BID
Name: 5207
Link: http://www.securityfocus.com/bid/5207

Source: XF
Name: solaris-vold-bo(9545)
Link: http://www.iss.net/security_center/static/9545.php

Source: SUNALERT
Name: 45707
Link: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45707

Source: NSFOCUS
Name: 3082
Link: http://www.nsfocus.net/vulndb/3082
