漏洞信息详情
LCDproc LCDd多个远程漏洞
- CNNVD编号:CNNVD-200404-005
- 危害等级: 高危
![图片[1]-LCDproc LCDd多个远程漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-26/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2004-1916
- 漏洞类型:
缓冲区溢出
- 发布时间:
2004-04-08
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
lcdproc - 漏洞来源:
Discovery of these… -
漏洞简介
LCDProc 0.4.1和可能其它0.4.x到0.4.4版本存在多个缓冲区溢出漏洞。远程攻击者借助(1)parse_all_client_messages函数的超长无效命令,或(2)
test_func_func函数的超长argv的命令执行任意代码。
漏洞公告
NOTE: It has been reported that the previously referenced fix was insufficient to resolve this issue.
Gentoo has released updates to address this issue. These updates may be applied with the following commands:
# emerge sync
# emerge -pv “>=app-misc/lcdproc-0.4.5”
# emerge “>=app-misc/lcdproc-0.4.5”
The vendor has released an upgraded version of the software which is reported to deal with this issue completely:
LCDProc LCDProc 4.4
-
LCDProc lcdproc-0.4.5.tar.gz
http://lcdproc.omnipotent.net/download/lcdproc-0.4.5.tar.gz
参考网址
来源: BID
名称: 10085
链接:http://www.securityfocus.com/bid/10085
来源: SECUNIA
名称: 11333
链接:http://secunia.com/advisories/11333
来源: XF
名称: lcdproc-testfuncfunc-bo(15814)
链接:http://xforce.iss.net/xforce/xfdb/15814
来源: GENTOO
名称: GLSA-200404-19
链接:http://security.gentoo.org/glsa/glsa-200404-19.xml
来源: BUGTRAQ
名称: 20040408 PSR – #2004-002 Remote – LCDProc
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108146376315229&w=2
来源: lists.omnipotent.net
链接:http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
