漏洞信息详情
SCO UnixWare su(1)缓冲区溢出漏洞
- CNNVD编号:CNNVD-199911-075
- 危害等级: 高危
- CVE编号: CVE-1999-0845
- 漏洞类型: 缓冲区溢出
- 发布时间: 1999-11-25
- 威胁类型: 本地
- 更新时间: 2005-10-20
- 厂 商: sco
- 漏洞来源: The exploit posted...
漏洞简介
SCO su指令存在缓冲区溢出漏洞。本地用户可以使用长用户名获得根权限。
漏洞公告
SCO is providing an interim patch to address this issue in the form of a System Security Enhancement (SSE) package. SSE039 contains replacement binaries for each system type, and is available for Internet download via anonymous ftp, and from the SCOFORUM on Compuserve. You can download the SSE package as follows: Anonymous ftp (World Wide Web URL): ftp://ftp.sco.COM/SSE/sse039.ltr (cover letter, ASCII text) ftp://ftp.sco.COM/SSE/sse039.tar.Z (new binaries, compressed tar file) Compuserve: GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames: SSE039.LTR (cover letter, ASCII text) SSE039.TAZ (new binaries, compressed tar file) Checksums (sum -r): 01787 3 sse039.ltr 53627 555 sse039.tar.Z
参考网址
Vulnerable software and versionsConfiguration 1OR* cpe:/o:sco:unixware:7.0* Denotes Vulnerable Software* Changes related to vulnerability configurations Technical DetailsVulnerability Type (View All) CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0845
受影响实体
- Sco Unixware:7.0
补丁
暂无
评论