Midnight Commander Insert_Text缓冲区溢出漏洞-一一网

Midnight Commander Insert_Text缓冲区溢出漏洞

4年前更新

1300

漏洞信息详情

Midnight Commander Insert_Text缓冲区溢出漏洞

CNNVD编号：CNNVD-200505-767

危害等级：中危
CVE编号：
CVE-2005-0763
漏洞类型：

缓冲区溢出
发布时间：

2005-03-30
威胁类型：

本地
更新时间：

2005-10-20
厂商：

midnight_commander
漏洞来源：
Andrew V. Samoilov

漏洞简介

Midnight Commander是一款强大的GNU/LINUX系统的文件管理器。

Midnight Commander中存在缓冲区溢出漏洞，起因是对insert_text()函数所提供的外部数据执行了不充分的边界检查。本地攻击者可能利用这个漏洞以其他用户的身份执行任意代码。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Midnight Commander Midnight Commander 4.5.54

TurboLinux mc-4.5.54-8.i586.rpm

ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/mc-4.5.54-8.i586.rpm

TurboLinux mc-4.5.54-8.i586.rpm

ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/mc-4.5.54-8.i586.rpm

TurboLinux mc-4.5.54-8.i586.rpm

ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/mc-4.5.54-8.i586.rpm

TurboLinux mc-4.5.54-8.i586.rpm

ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/mc-4.5.54-8.i586.rpm

Midnight Commander Midnight Commander 4.5.55

Debian gmc_4.5.55-1.2woody6_alpha.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _alpha.deb

Debian gmc_4.5.55-1.2woody6_arm.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _arm.deb

Debian gmc_4.5.55-1.2woody6_hppa.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _hppa.deb

Debian gmc_4.5.55-1.2woody6_i386.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _i386.deb

Debian gmc_4.5.55-1.2woody6_ia64.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _ia64.deb

Debian gmc_4.5.55-1.2woody6_m68k.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _m68k.deb

Debian gmc_4.5.55-1.2woody6_mips.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _mips.deb

Debian gmc_4.5.55-1.2woody6_mipsel.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _mipsel.deb

Debian gmc_4.5.55-1.2woody6_powerpc.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _powerpc.deb

Debian gmc_4.5.55-1.2woody6_s390.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _s390.deb

Debian gmc_4.5.55-1.2woody6_sparc.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody6 _sparc.deb

Debian mc-common_4.5.55-1.2woody6_alpha.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_alpha.deb

Debian mc-common_4.5.55-1.2woody6_arm.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_arm.deb

Debian mc-common_4.5.55-1.2woody6_hppa.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_hppa.deb

Debian mc-common_4.5.55-1.2woody6_i386.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_i386.deb

Debian mc-common_4.5.55-1.2woody6_ia64.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_ia64.deb

Debian mc-common_4.5.55-1.2woody6_m68k.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_m68k.deb

Debian mc-common_4.5.55-1.2woody6_mips.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_mips.deb

Debian mc-common_4.5.55-1.2woody6_mipsel.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_mipsel.deb

Debian mc-common_4.5.55-1.2woody6_powerpc.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_powerpc.deb

Debian mc-common_4.5.55-1.2woody6_s390.deb

Debian GNU/Linux 3.0 alias woody

http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody6_s390.deb

Debian mc-common_4.5.55-1.2woody6_sparc.de

参考网址

来源: DEBIAN

名称: DSA-698

链接:http://www.debian.org/security/2005/dsa-698

来源: REDHAT

名称: RHSA-2005:512

链接:http://www.redhat.com/support/errata/RHSA-2005-512.html

受影响实体

Midnight_commander Midnight_commander:4.5.55

© 版权声明

文章版权归作者所有，未经允许请勿转载。

THE END

喜欢就支持一下吧

相关推荐