漏洞信息详情
GNU make /tmp漏洞
- CNNVD编号:CNNVD-200002-002
- 危害等级: 中危
- CVE编号: CVE-2000-0151
- 漏洞类型: 竞争条件
- 发布时间: 2000-02-01
- 威胁类型: 本地
- 更新时间: 2005-10-20
- 厂 商: gnu
- 漏洞来源: This vulnerability...
漏洞简介
从标准输入读取Makefile时,GNU make跟随符号链接。其他本地用户利用此漏洞可以执行命令。
漏洞公告
Patches are available from SuSE at: ftp://ftp.suse.com/pub/suse/i386/update for Intel processors ftp://ftp.suse.com/pub/suse/axp/update for Alpha processors or try the following web pages for a list of mirrors: http://www.suse.de/ftp.HTML http://www.suse.com/ftp_new.HTML SuSE Patch page: http://www.suse.de/patches/index.HTML Patches are available from Debian. From their advisory: http://security.debian.org/dists/stable/updates/source/make_3.77.orig.tar.gz MD5Dum: b8264b1f8579d810a6de5db634aeafe4 http://security.debian.org/dists/stable/updates/source/make_3.77-5slink.diff.gz MD5Dum: 4cf0016add45fb2bb1986cdcf3df4df2 http://security.debian.org/dists/stable/updates/source/make_3.77-5slink.dsc MD5Dum: 351d1492a17cd4b38f522037a2714a86 Alpha architecture: http://security.debian.org/dists/stable/updates/binary-alpha/make_3.77-5slink_alpha.deb MD5Dum: a253a6d897edbc163595dbedefbfd8bc Intel ia32 architecture: http://security.debian.org/dists/stable/updates/binary-i386/make_3.77-5slink_i386.deb MD5Dum: 78367bf9f0d309d732eaa57bc9008462 Motorola 680x0 architecture: http://security.debian.org/dists/stable/updates/binary-m68k/make_3.77-5slink_m68k.deb MD5Dum: 678955fdde1a099db1ac7719e7026cbc Sun Sparc architecture: http://security.debian.org/dists/stable/updates/binary-sparc/make_3.77-5slink_sparc.deb MD5Dum: 87b8ff54ca2f9c1113349da5cf591331 Architecture independent archive (for completeness): http://security.debian.org/dists/stable/updates/binary-all/make-doc_3.77-5slink_all.deb MD5Dum: cb63706913f8202c52ead1031a8494dc
参考网址
来源: BID 名称: 981 链接:http://www.securityfocus.com/bid/981
受影响实体
- Gnu Make:3.77.44
补丁
暂无
评论