UTempter多个本地漏洞

admin
admin
admin
0
文章
0
评论
2022-07-22 12:48:33 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

UTempter多个本地漏洞

  • CNNVD编号:CNNVD-200408-197
  • 危害等级: 低危
  • CVE编号: CVE-2004-0233
  • 漏洞类型: 路径遍历
  • 发布时间: 2004-08-18
  • 威胁类型: 本地
  • 更新时间: 2006-09-22
  • 厂        商: slackware
  • 漏洞来源: Discovery of these...

漏洞简介

Utempter允许包含..(点 点)目录遍历序列的设备名称,本地用户可以通过在与信任utmp或者wtmp文件的应用程序相组合的设备名称上的链接攻击覆盖任意文件。

漏洞公告

Red Hat has released an advisory RHSA-2004:175-01 and fixes to address this issue. Please see referenced advisory for further details regarding obtaining and applying appropriate fixes. Mandrake has released an advisory MDKSA-2004:031-1 and fixes to address this issue. Please see referenced advisory for further details regarding obtaining and applying appropriate fixes. Slackware Linux has released advisory SSA:2004-110-01 and updates dealing with this issue. Red Hat Fedora has released advisory FEDORA-2004-108 and information on updated the affected application. Please see the referenced advisory for more information. Gentoo Linux has released advisory GLSA 200405-05 dealing with this issue. It is recommended that affected users issue these commands to ensure their system is properly updated: # emerge sync # emerge -pv ">=sys-apps/utempter-0.5.5.4" # emerge ">=sys-apps/utempter-0.5.5.4" Red Hat Fedora Legacy has released advisory FLSA:1546 dealing with this issue for Red Hat Linux 8.0, 7.3 and 7.2. Please see the referenced advisory for more information. Red Hat has released advisory RHSA-2004:174-09 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information. SGI has released an advisory (20040603-01-U) to address this and other issues in SGI ProPack 3. Please see the referenced advisory for more information. SGI has released an advisory (20040602-01-U) to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information. Sun has released Sun Alert Notification #57658 to address this issue in Sun Java Desktop System operating systems. Please see the referenced alert for further information on obtaining fixes. RedHat utempter-0.5.2-16.i386.rpm

  • RedHat utempter-0.5.5-2.RHL9.0.i386.rpm ftp://updates.redhat.com/9/en/os/i386/utempter-0.5.5-2.RHL9.0.i386.rpm
Slackware Linux -current
  • Slackware utempter-1.1.1-i486-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/ut empter-1.1.1-i486-1.tgz
utempter utempter 0.5.2
  • Fedora utempter-0.5.2-6.7.x.1.legacy.i386.rpmRed Hat Linux 7.2 & 7.3 http://download.fedoralegacy.org/redhat/7.2/updates/i386/utempter-0.5. 2-6.7.x.1.legacy.i386.rpm
  • Fedora utempter-0.5.2-6.8.0.1.legacy.i386.rpmRed Hat Linux 8.0 http://download.fedoralegacy.org/redhat/8.0/updates/i386/utempter-0.5. 2-6.8.0.1.legacy.i386.rpm
  • Mandrake lib64utempter0-0.5.2-12.2.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake lib64utempter0-0.5.2-12.2.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake lib64utempter0-devel-0.5.2-12.2.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake lib64utempter0-devel-0.5.2-12.2.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-10.2.91mdk.i586.rpmMandrake Linux 9.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-10.2.91mdk.ppc.rpmMandrake Linux 9.1/PPC http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-11.2.C21mdk.i586.rpmMandrake Corporate Server 2.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-11.2.C21mdk.x86_64.rpmMandrake Corporate Server 2.1/X86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-12.2.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-12.2.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-0.5.2-5.2.M82mdk.i586.rpmMandrake Multi Network Firewall 8.2 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-10.2.91mdk.i586.rpmMandrake Linux 9.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-10.2.91mdk.ppc.rpmMandrake Linux 9.1/PPC http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-11.2.C21mdk.i586.rpmMandrake Corporate Server 2.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-11.2.C21mdk.x86_64.rpmMandrake Corporate Server 2.1/X86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-12.2.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-12.2.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake libutempter0-devel-0.5.2-5.2.M82mdk.i586.rpmMandrake Multi Network Firewall 8.2 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-10.2.91mdk.i586.rpmMandrake Linux 9.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-10.2.91mdk.ppc.rpmMandrake Linux 9.1/PPC http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-11.2.C21mdk.i586.rpmMandrake Corporate Server 2.1 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-11.2.C21mdk.x86_64.rpmMandrake Corporate Server 2.1/X86_64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-12.2.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
  • Mandrake utempter-0.5.2-12.2.100mdk.i586.rpm

参考网址

来源: BID 名称: 10178 链接:http://www.securityfocus.com/bid/10178 来源: REDHAT 名称: RHSA-2004:174 链接:http://www.redhat.com/support/errata/RHSA-2004-174.HTML 来源: XF 名称: utemper-symlink(15904) 链接:http://xforce.iss.net/xforce/xfdb/15904 来源: SLACKWARE 名称: SSA:2004-110 链接:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404389 来源: REDHAT 名称: RHSA-2004:175 链接:http://www.redhat.com/support/errata/RHSA-2004-175.HTML 来源: SUNALERT 名称: 1000752 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1 来源: GENTOO 名称: GLSA-200405-05 链接:http://security.gentoo.org/glsa/glsa-200405-05.xml 来源: OVAL 名称: oval:org.mitre.oval:def:10115 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10115 来源: MANDRAKE 名称: MDKSA-2004:031 链接:http://www.mandriva.com/security/advisories?name=MDKSA-2004:031 来源: US Government Resource: oval:org.mitre.oval:def:979 名称: oval:org.mitre.oval:def:979 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:979

受影响实体

  • Slackware Slackware_linux:9.1  
  • Slackware Slackware_linux  

补丁

    暂无

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
UTempter多个本地漏洞 CNNVD漏洞

UTempter多个本地漏洞

漏洞信息详情UTempter多个本地漏洞CNNVD编号:CNNVD-200408-197危害等级: 低危CVE编号:CVE-2004-0233漏洞类型:路径遍历发布时间:200
07-220 评论
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0