Compaq Tru64 C Library缓冲区溢出漏洞

漏洞信息详情

Compaq Tru64 C Library缓冲区溢出漏洞

• CNNVD编号：CNNVD-200212-682
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-2002
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  compaq
• 漏洞来源：
  Announced in Compa…

Compaq Tru64 4.0F，5.0，5.1 和5.1A版本的libc存在缓冲区溢出漏洞。攻击者借助超长(1)LANG和(2)LOCPATH环境变量执行任意代码。

Compaq has stated that the fixes will be included in the next aggregate patch kit for each supported version.
Below are early-release patches:
Compaq Tru64 4.0 f PK7 (BL18)

• Compaq duv40fb18-c0067301-13427-es-20020228.tar
  
  http://ftp1.support.compaq.com/public/unix/v4.0f/

Compaq Tru64 4.0 g PK3 (BL17)

• Compaq t64v40gb17-c0010301-13400-es-20020226.tar
  
  http://ftp1.support.compaq.com/public/unix/v4.0g/
• Compaq t64v50ab17-c0018301-13396-es-20020226.tar
  
  http://ftp1.support.compaq.com/public/unix/v5.0a/

Compaq Tru64 5.0 a PK3 (BL17)

• Compaq t64v50ab17-c0018301-13396-es-20020226.tar
  
  http://ftp1.support.compaq.com/public/unix/v5.0a/

Compaq Tru64 5.1 PK4 (BL18)

• Compaq t64v51b18-c0102001-13428-es-20020228.tar
  
  http://ftp1.support.compaq.com/public/unix/v5.1/

Compaq Tru64 5.1 a PK1 (BL1)

• Compaq t64v51ab1-c0011201-13438-es-20020228.tar
  
  http://ftp1.support.compaq.com/public/unix/v5.1/

Compaq Tru64 5.1

• Compaq t64v51b18-c0102001-13428-es-20020228.tar
  
  http://ftp1.support.compaq.com/public/unix/v5.1/

来源: BID
名称: 4544
链接:http://www.securityfocus.com/bid/4544

来源: XF
名称: libc-lang-locpath-bo(8863)
链接:http://www.iss.net/security_center/static/8863.php

来源: BUGTRAQ
名称: 20020417 [SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00219.html

来源: COMPAQ
名称: SSRT0771U
链接:http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml