Mgetty呼叫名字ID 名字过长缓冲区溢出漏洞-一一网

Mgetty呼叫名字ID 名字过长缓冲区溢出漏洞

4年前更新

1560

漏洞信息详情

Mgetty呼叫名字ID 名字过长缓冲区溢出漏洞

CNNVD编号：CNNVD-200301-026

危害等级：高危
CVE编号：
CVE-2002-1391
漏洞类型：

缓冲区溢出
发布时间：

2003-01-17
威胁类型：

远程
更新时间：

2005-05-13
厂商：

gert_doering
漏洞来源：
gert_doering

漏洞简介

mgetty 1.1.29之前版本中的cnd-program存在缓冲区溢出漏洞。远程攻击者可以借助具有超长CallerName参数的呼叫名字ID字符串导致服务拒绝和可能执行任意代码。

漏洞公告

Version 1.1.29 of mgetty has been released to address this issue.
Mandrake Linux has released advisory MDKSA-2003:053 to address this issue.
Red Hat has released advisory RHSA-2003:036-01 to address this issue.
Caldera has released advisory CSSA-2003-021.0, and made fixes available to address this issue.
Sun has released a fix for Sun Linux 5.0.6.
Fixes available:
mgetty mgetty 1.1.25

mgetty mgetty1.1.30-Dec16.tar.gz
ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g
z
Red Hat mgetty-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mgetty-1.1.30-0.7.i386.rpm
Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r
pm

mgetty mgetty 1.1.26

mgetty mgetty1.1.30-Dec16.tar.gz
ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g
z
Red Hat mgetty-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/mgetty-1.1.30-0.7.i386.rpm
Red Hat mgetty-1.1.30-0.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-1.1.30-0.7.ia64.rpm
Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-sendfax-1.1.30-0.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-sendfax-1.1.30-0.7.ia64
.rpm
Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-viewfax-1.1.30-0.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-viewfax-1.1.30-0.7.ia64
.rpm
Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r
pm
Red Hat mgetty-voice-1.1.30-0.7.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-voice-1.1.30-0.7.ia64.r
pm

mgetty mgetty 1.1.27

mgetty mgetty1.1.30-Dec16.tar.gz
ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g
z

mgetty mgetty 1.1.28

mgetty mgetty1.1.30-Dec16.tar.gz
ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g
z
Red Hat mgetty-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/mgetty-1.1.30-0.7.i386.rpm
Red Hat mgetty-1.1.30-0.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/mgetty-1.1.30-0.8.0.i386.rpm
Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-sendfax-1.1.30-0.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/mgetty-sendfax-1.1.30-0.8.0.i3
86.rpm
Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386
.rpm
Red Hat mgetty-viewfax-1.1.30-0.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/mgetty-viewfax-1.1.30-0.8.0.i3
86.rpm
Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r
pm
Red Hat mgetty-voice-1.1.30-0.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/mgetty-voice-1.1.30-0.8.0.i386
.rpm

MandrakeSoft Multi Network Firewall 2.0

Mandrake mgetty-1.1.30-1.1mdk.i586.rpmMulti Network Firewall 8.2

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-1.1.30-1.1mdk.src.rpmMulti Network Firewall 8.2

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpmMulti Network Firewall 8.2

http://www.mandrakesecure.net/en/ftp.php

MandrakeSoft Corporate Server 2.1

Mandrake mgetty-1.1.30-1.1mdk.i586.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-1.1.30-1.1mdk.src.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-sendfax-1.1.30-1.1mdk.i586.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-viewfax-1.1.30-1.1mdk.i586.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php
Mandrake mgetty-voice-1.1.30-1.1mdk.i586.rpmCorporate Server 2.1

http://www.mandrakesecure.net/en/ftp.php

Sun Linux 5.0.6

Sun mgetty-1.1.30-0.7.i386.rpm

参考网址

来源: search.alphanet.ch
链接:http://search.alphanet.ch/cgi-bin/search.cgi?msgid=20021125142338.E12094%40greenie.muc.de&max_results=1&type=long&domain=ml-mgetty

来源: XF
名称: mgetty-cndprogram-callername-bo(11072)
链接:http://xforce.iss.net/xforce/xfdb/11072

来源: BID
名称: 7303
链接:http://www.securityfocus.com/bid/7303

来源: REDHAT
名称: RHSA-2003:036
链接:http://www.redhat.com/support/errata/RHSA-2003-036.html

来源: REDHAT
名称: RHSA-2003:008
链接:http://www.redhat.com/support/errata/RHSA-2003-008.html

来源: GENTOO
名称: GLSA-200304-09
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105154413326136&w=2

来源: CALDERA
名称: CSSA-2003-021.0
链接:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-021.0.txt

受影响实体

Gert_doering Mgetty:1.1.29

© 版权声明

文章版权归作者所有，未经允许请勿转载。

THE END

喜欢就支持一下吧

相关推荐