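Vulnerability Details
FreeBSD System Call f_count Integer Overflow Vulnerability
- CNNVD ID: CNNVD-200312-477
- Severity: Low
- CVE ID: CVE-2003-1234
- Vulnerability type: Buffer overflow
- Published: 2003-12-31
- Threat type: Local
- Updated: 2007-05-11
- Vendor: freebsd
- Vulnerability source: Discovery of this …
Vulnerability Summary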
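An integer overflow vulnerability exists in the f_count counter in FreeBSD 4.2 through versions before 5.0. A local user can cause a denial of service (crash) and possibly execute arbitrary code by means of multiple calls to (1) fpathconf and (2) lseek; in this flaw, f_count is not automatically decremented by one in the call to fdrop.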
Vulnerability Advisory
This vulnerability is present in all RELEASE versions of FreeBSD.
The RELENG_4 (STABLE) branch dated later than 20021111 is not vulnerable to this issue.
This vulnerability has been addressed in the CVS tree at the following location:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/kern/kern_descrip.c
Users are advised to obtain the fixes from the CVS tree.
FreeBSD FreeBSD 4.4
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.5
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.6
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.6 -RELEASE
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.7
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
FreeBSD FreeBSD 4.7 -RELEASE
- FreeBSD filedesc.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:44/filedesc.patch
References
Source: BID
Name: 6524
Link: http://www.securityfocus.com/bid/6524
Source: XF
Name: freebsd-kernel-integer-overflow(10993)
Link: http://www.iss.net/security_center/static/10993.php
Source: BUGTRAQ
Name: 20030107 FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc
Link: http://archives.neohapsis.com/archives/bugtraq/2003-01/0057.html
Source: www.pine.nl
Link: http://www.pine.nl/press/pine-cert-20030101.txt
Source: VULNWATCH
Name: 20030106 PDS: Integer overflow in FreeBSD kernel
Link: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html
Source: FREEBSD
Name: FreeBSD-SA-02:44
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc
Source: SECTRACK
Name: 1005898
Link: http://www.securitytracker.com/id?1005898
Source: BUGTRAQ
Name: 20030106 PDS: Integer overflow in FreeBSD kernel
Link: http://www.securityfocus.com/archive/1/archive/1/305308/30/26420/threaded
Source: SECUNIA
Name: 7821
Link: http://secunia.com/advisories/7821