Solaris dtsession HOME缓冲区溢出漏洞

漏洞信息详情

Solaris dtsession HOME缓冲区溢出漏洞

• CNNVD编号：CNNVD-200304-054
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2003-0092
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2003-04-02
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  sun
• 漏洞来源：
  Discovered by NSFO…

Solaris 2.5.1至Solaris 9版本的dtsession存在基于堆的缓冲区溢出漏洞。本地用户借助超长HOME环境变量提升根特权。

Patches are available for vulnerable versions:
Sun Solaris 8

• Sun 109354-19
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=109354&rev=19

Sun Solaris 9

• Sun 114497-01
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=114497&rev=01

Sun Solaris 9_x86

• Sun 114498-01
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=114498&rev=01

Sun Solaris 8_x86

• Sun 109355-18
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=109355&rev=18

Sun Solaris 2.6

• Sun 106027-12
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=106027&rev=12

Sun Solaris 2.6 _x86

• Sun 106028-12
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=106028&rev=12

Sun Solaris 7.0

• Sun 107702-12
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107702&rev=12

Sun Solaris 7.0 _x86

• Sun 107703-12
  
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107703&rev=12

来源: VULNWATCH
名称: 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0163.html

来源: BID
名称: 7240
链接:http://www.securityfocus.com/bid/7240

来源: BUGTRAQ
名称: 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/316948/30/25250/threaded

来源: SUNALERT
名称: 52388
链接:http://sunsolve.sun.com/search/document.do?assetkey=1-26-52388-1

来源: US Government Resource: oval:org.mitre.oval:def:1905
名称: oval:org.mitre.oval:def:1905
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1905