OpenSSH UseLogin Environment Variable Passing Vulnerability

admin 2022-07-22 08:13:23 CNNVD Vulnerabilities Source: ZONE.CI

Vulnerability Details

OpenSSH UseLogin Environment Variable Passing Vulnerability

  • CNNVD ID: CNNVD-200112-123
  • Severity: High
  • CVE ID: CVE-2001-0872
  • Vulnerability type: Input validation
  • Published: 2001-12-21
  • Threat type: Local
  • Updated: 2006-03-28
  • Vendor: suse
  • Vulnerability source: This vulnerability...

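Vulnerability Summary

OpenSSH 3.0.1 and earlier versions contain a vulnerability. When UseLogin is enabled, the software does not properly sanitize critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.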

Vulnerability Advisory

Update available: OpenBSD OpenSSH 1.2.3

  • Debian 2.2 alpha ssh-askpass-gnome_1.2.3-9.4_alpha.deb http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh-askpass-gnome_1.2.3-9.4_alpha.deb
  • Debian 2.2 alpha ssh_1.2.3-9.4_alpha.deb http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh_1.2.3-9.4_alpha.deb
  • Debian 2.2 arm ssh-askpass-gnome_1.2.3-9.4_arm.deb http://security.debian.org/dists/stable/updates/main/binary-arm/ssh-askpass-gnome_1.2.3-9.4_arm.deb
  • Debian 2.2 arm ssh_1.2.3-9.4_arm.deb http://security.debian.org/dists/stable/updates/main/binary-arm/ssh_1.2.3-9.4_arm.deb
  • Debian 2.2 i386 ssh-askpass-gnome_1.2.3-9.4_i386.deb http://security.debian.org/dists/stable/updates/main/binary-i386/ssh-askpass-gnome_1.2.3-9.4_i386.deb
  • Debian 2.2 i386 ssh_1.2.3-9.4_i386.deb http://security.debian.org/dists/stable/updates/main/binary-i386/ssh_1.2.3-9.4_i386.deb
  • Debian 2.2 m68k ssh-askpass-gnome_1.2.3-9.4_m68k.deb http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh-askpass-gnome_1.2.3-9.4_m68k.deb
  • Debian 2.2 m68k ssh_1.2.3-9.4_m68k.deb http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh_1.2.3-9.4_m68k.deb
  • Debian 2.2 ppc ssh-askpass-gnome_1.2.3-9.4_powerpc.deb http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh-askpass-gnome_1.2.3-9.4_powerpc.deb
  • Debian 2.2 ppc ssh_1.2.3-9.4_powerpc.deb http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh_1.2.3-9.4_powerpc.deb
  • Debian 2.2 sparc ssh-askpass-gnome_1.2.3-9.4_sparc.deb http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh-askpass-gnome_1.2.3-9.4_sparc.deb
  • Debian 2.2 sparc ssh_1.2.3-9.4_sparc.deb http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh_1.2.3-9.4_sparc.deb

OpenBSD OpenSSH 2.1.1 p1

  • Trustix 1.1 i386 openssh-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-3.0.2p1-2tr.i586.rpm
  • Trustix 1.1 i386 openssh-clients-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-clients-3.0.2p1-2tr.i586.rpm
  • Trustix 1.1 i386 openssh-server-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-server-3.0.2p1-2tr.i586.rpm
  • Trustix 1.2 i386 openssh-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-3.0.2p1-2tr.i586.rpm
  • Trustix 1.2 i386 openssh-clients-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-clients-3.0.2p1-2tr.i586.rpm
  • Trustix 1.2 i386 openssh-server-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-server-3.0.2p1-2tr.i586.rpm
  • Trustix 1.5 i386 openssh-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-3.0.2p1-2tr.i586.rpm
  • Trustix 1.5 i386 openssh-clients-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-clients-3.0.2p1-2tr.i586.rpm
  • Trustix 1.5 i386 openssh-server-3.0.2p1-2tr.i586.rpm ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-server-3.0.2p1-2tr.i586.rpm

OpenBSD OpenSSH 2.9 p2

  • Caldera OpenLinux 3.1 Server openssh-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/openssh-2.9p2-4.i386.rpm
  • Caldera OpenLinux 3.1 Server openssh-askpass-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/openssh-askpass-2.9p2-4.i386.rpm
  • Caldera OpenLinux 3.1 Server openssh-server-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/openssh-server-2.9p2-4.i386.rpm
  • Caldera OpenLinux 3.1 Workstation openssh-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/openssh-2.9p2-4.i386.rpm
  • Caldera OpenLinux 3.1 Workstation openssh-askpass-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/openssh-askpass-2.9p2-4.i386.rpm
  • Caldera OpenLinux 3.1 Workstation openssh-server-2.9p2-4.i386.rpm ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/openssh-server-2.9p2-4.i386.rpm
  • Red Hat 7.0 alpha openssh-2.9p2-11.7.alpha.rpm ftp://updates.redhat.com/7.0/en/os/alpha/openssh-2.9p2-11.7.alpha.rpm
  • Red Hat 7.0 alpha openssh-askpass-2.9p2-11.7.alpha.rpm ftp://updates.redhat.com

References

  • Source: US-CERT Vulnerability Note: VU#157447; Name: VU#157447; Link: http://www.kb.cert.org/vuls/id/157447
  • Source: REDHAT; Name: RHSA-2001:161; Link: http://www.redhat.com/support/errata/RHSA-2001-161.HTML
  • Source: BUGTRAQ; Name: 20011204 [Fwd: OpenSSH 3.0.2 fixes UseLogin vulnerability]; Link: http://marc.theaimsgroup.com/?l=bugtraq&m=100749779131514&w=2
  • Source: SUSE; Name: SuSE-SA:2001:045; Link: http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.HTML
  • Source: marc.theaimsgroup.com; Link: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=100747128105913&w=2
  • Source: XF; Name: openssh-uselogin-execute-code(7647); Link: http://xforce.iss.net/static/7647.php
  • Source: HP; Name: HPSBUX0112-005; Link: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005
  • Source: BID; Name: 3614; Link: http://www.securityfocus.com/bid/3614
  • Source: OSVDB; Name: 688; Link: http://www.osvdb.org/688
  • Source: DEBIAN; Name: DSA-091; Link: http://www.debian.org/security/2001/dsa-091
  • Source: CIAC; Name: M-026; Link: http://www.ciac.org/ciac/bulletins/m-026.sHTML
  • Source: MANDRAKE; Name: MDKSA-2001:092; Link: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092
  • Source: CONECTIVA; Name: CLA-2001:446; Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000446
  • Source: CALDERA; Name: CSSA-2001-042.1; Link: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt

Affected Entities

  • Suse Suse_linux:7.3  
  • Suse Suse_linux:7.2  
  • Suse Suse_linux:7.1  
  • Suse Suse_linux:6.4  
  • Suse Suse_linux:7.0  

Patches

    None available
