漏洞信息详情
Freenet6客户端默认安装配置文件权限漏洞
- CNNVD编号:CNNVD-200412-089
- 危害等级: 低危
- CVE编号: CVE-2004-0563
- 漏洞类型: 配置错误
- 发布时间: 2004-12-23
- 威胁类型: 本地
- 更新时间: 2005-10-20
- 厂 商: freenet6
- 漏洞来源: The discovery of t...
漏洞简介
freenet6 0.9.6以前的版本中的tspc.conf配置文件和Debian Linux1.0以前的版本拥有全域局可读权限,本地用户利用该漏洞获取敏感信息,比如:用户名和密码。
漏洞公告
Debian has released an advisory (DSA 555-1) along with fixes dealing with this issue. Please see the referenced advisory for more information. Freenet6 Freenet6 0.9.6
- Debian freenet6_0.9.6-1woody2_alpha.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_alpha.deb
- Debian freenet6_0.9.6-1woody2_arm.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_arm.deb
- Debian freenet6_0.9.6-1woody2_hppa.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_hppa.deb
- Debian freenet6_0.9.6-1woody2_i386.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_i386.deb
- Debian freenet6_0.9.6-1woody2_ia64.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_ia64.deb
- Debian freenet6_0.9.6-1woody2_m68k.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_m68k.deb
- Debian freenet6_0.9.6-1woody2_mips.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_mips.deb
- Debian freenet6_0.9.6-1woody2_mipsel.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_mipsel.deb
- Debian freenet6_0.9.6-1woody2_powerpc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_powerpc.deb
- Debian freenet6_0.9.6-1woody2_s390.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_s390.deb
- Debian freenet6_0.9.6-1woody2_sparc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/f/freenet6/freenet6_0.9.6 -1woody2_sparc.deb
参考网址
来源: XF 名称: freenet6-world-readable(17544) 链接:http://xforce.iss.net/xforce/xfdb/17544 来源: BID 名称: 11280 链接:http://www.securityfocus.com/bid/11280 来源: DEBIAN 名称: DSA-555 链接:http://www.debian.org/security/2004/dsa-555 来源: SECTRACK 名称: 1011460 链接:http://securitytracker.com/id?1011460 来源: SECUNIA 名称: 12705 链接:http://secunia.com/advisories/12705/
受影响实体
- Freenet6 Freenet6:0.9.6
- Freenet6 Freenet6:1.0
补丁
暂无
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论