Linux Kernel NCPFS ncp_lookup() Unspecified Local Privilege Escalation Vulnerability

Vulnerability Details

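Vulnerability Summary

Linux is an open-source operating system.
The NCPFS support in the Linux kernel has a security issue that a local attacker can exploit to escalate privileges.
ncpfs is used only to let a system mount NetWare server volumes or print to NetWare print servers. The ncp_lookup() function it contains has a flaw that can lead to privilege escalation.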

Vulnerability Advisory

Vendor patches:
Conectiva
———
Conectiva has released a security advisory (CLA-2004:820) and corresponding patches for this issue:

CLA-2004:820:kernel

Link: http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000820

Patch downloads:

Linux kernel 2.4.19:

Conectiva Upgrade devfsd-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/devfsd-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-BOOT-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-BOOT-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-doc-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-doc-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-headers-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-headers-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-rbc-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-rbc-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-smp-2.4.19-1U80_21cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_21cl.i386.rpm

Conectiva Upgrade kernel-2.4.19-1U80_21cl.i586.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_21cl.i586.rpm

Conectiva Upgrade kernel-2.4.19-1U80_21cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_21cl.i686.rpm

Conectiva Upgrade kernel-enterprise-2.4.19-1U80_21cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-enterprise-2.4.19-1U80_21cl.i686.rpm

Conectiva Upgrade kernel-smp-2.4.19-1U80_21cl.i586.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_21cl.i586.rpm

Conectiva Upgrade kernel-smp-2.4.19-1U80_21cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_21cl.i686.rpm

Linux kernel 2.4.21:

Conectiva Upgrade devfsd-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/devfsd-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-2.4.21-31301U90_15cl.i586.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_15cl.i586.rpm

Conectiva Upgrade kernel24-2.4.21-31301U90_15cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_15cl.i686.rpm

Conectiva Upgrade kernel24-BOOT-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-BOOT-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-doc-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-doc-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-enterprise-2.4.21-31301U90_15cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_15cl.i686.rpm

Conectiva Upgrade kernel24-headers-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-headers-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-rbc-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-rbc-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-smp-2.4.21-31301U90_15cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_15cl.i386.rpm

Conectiva Upgrade kernel24-smp-2.4.21-31301U90_15cl.i586.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_15cl.i586.rpm

Conectiva Upgrade kernel24-smp-2.4.21-31301U90_15cl.i686.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_15cl.i686.rpm

Conectiva Upgrade kernel24-2.4.21-31301U90_15cl.athlon.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_15cl.athlon.rpm

Conectiva Upgrade kernel24-enterprise-2.4.21-31301U90_15cl.athlon.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_15cl.athlon.rpm

Conectiva Upgrade kernel24-smp-2.4.21-31301U90_15cl.athlon.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_15cl.athlon.rpm

Conectiva Upgrade kernel24-2.4.21-31301U90_15cl.pentium4.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_15cl.pentium4.rpm

Conectiva Upgrade kernel24-enterprise-2.4.21-31301U90_15cl.pentium4.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_15cl.pentium4.rpm

Conectiva Upgrade kernel24-smp-2.4.21-31301U90_15cl.pentium4.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_15cl.pentium4.rpm
MandrakeSoft
————
MandrakeSoft has already

References

Source: BID
Name: 9691
Link: http://www.securityfocus.com/bid/9691

Source: REDHAT
Name: RHSA-2004:069
Link: http://www.redhat.com/support/errata/RHSA-2004-069.html

Source: DEBIAN
Name: DSA-479
Link: http://www.debian.org/security/2004/dsa-479

Source: XF
Name: linux-ncplookup-gain-privileges(15250)
Link: http://xforce.iss.net/xforce/xfdb/15250

Source: REDHAT
Name: RHSA-2004:188
Link: http://www.redhat.com/support/errata/RHSA-2004-188.html

Source: REDHAT
Name: RHSA-2004:065
Link: http://www.redhat.com/support/errata/RHSA-2004-065.html

Source: SUSE
Name: SuSE-SA:2004:005
Link: http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html

Source: DEBIAN
Name: DSA-495
Link: http://www.debian.org/security/2004/dsa-495

Source: DEBIAN
Name: DSA-491
Link: http://www.debian.org/security/2004/dsa-491

Source: DEBIAN
Name: DSA-489
Link: http://www.debian.org/security/2004/dsa-489

Source: DEBIAN
Name: DSA-482
Link: http://www.debian.org/security/2004/dsa-482

Source: DEBIAN
Name: DSA-481
Link: http://www.debian.org/security/2004/dsa-481

Source: DEBIAN
Name: DSA-480
Link: http://www.debian.org/security/2004/dsa-480

Source: OVAL
Name: oval:org.mitre.oval:def:11388
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11388

Source: TURBO
Name: TLSA-2004-05
Link: http://www.securityfocus.com/advisories/6759

Source: MANDRAKE
Name: MDKSA-2004:015
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2004:015

Source: CIAC
Name: O-082
Link: http://www.ciac.org/ciac/bulletins/o-082.shtml

Source: FEDORA
Name: FEDORA-2004-079
Link: http://fedoranews.org/updates/FEDORA-2004-079.shtml

Source: CONECTIVA
Name: CLA-2004:820
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820

Source: US Government Resource: oval:org.mitre.oval:def:835
Name: oval:org.mitre.oval:def:835
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:835

Source: US Government Resource: oval:org.mitre.oval:def:1035
Name: oval:org.mitre.oval:def:1035
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1035
