漏洞信息详情
SLocate 拒绝服务漏洞
- CNNVD编号:CNNVD-200508-226
- 危害等级: 低危
- CVE编号: CVE-2005-2499
- 漏洞类型: 其他
- 发布时间: 2005-08-23
- 威胁类型: 本地
- 更新时间: 2005-10-20
- 厂 商: slocate
- 漏洞来源: The discoverer of ...
漏洞简介
Slocate 2.7之前的版本不能正确地处理过长路径。这使得本地用户可以借助于特定的精心设计的目录结构造成拒绝服务(更新数据库退出及不完整slocate数据库)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Conectiva Linux 10.0
Conectiva nss_ldap-240-53589U10_1cl.i386.rpm
Conectiva 10:
ftp://atualizacoes.conectiva.com.br/10/RPMS/nss_ldap-240-53589U10_1cl.i386.rpm
Conectiva nss_ldap-240-53589U10_1cl.i386.rpm
Conectiva 10:
nss_ldap-240-53589U10_1cl.i386.rpm
Conectiva pam_ldap-180-47667U10_1cl.i386.rpm
Conectiva 10:
ftp://atualizacoes.conectiva.com.br/10/RPMS/pam_ldap-180-47667U10_1cl.i386.rpm
slocate slocate 2.7
Conectiva slocate-2.7-49374U10_1cl.i386.rpm
Conectiva 10:
ftp://atualizacoes.conectiva.com.br/10/RPMS/slocate-2.7-49374U10_1cl.i386.rpm
Conectiva slocate-i18n-pt_BR-2.7-49374U10_1cl.i386.rpm
Conectiva 10:
ftp://atualizacoes.conectiva.com.br/10/RPMS/slocate-i18n-pt_BR-2.7-49374U10_1cl.i386.rpm
Turbolinux slocate-2.7-8.i586.rpm
Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/slocate-2.7-8.i586.rpm
Turbolinux slocate-2.7-8.i586.rpm
Turbolinux 10 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/slocate-2.7-8.i586.rpmTurbolinux slocate-2.7-8.i586.rpm
Turbolinux 7 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/slocate-2.7-8.i586.rpm
Turbolinux slocate-2.7-8.i586.rpm
Turbolinux 8 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/slocate-2.7-8.i586.rpm
Turbolinux slocate-2.7-8.i586.rpm
Turbolinux 7 Workstation
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/slocate-2.7-8.i586.rpm
Turbolinux slocate-2.7-8.i586.rpm
Turbolinux 8 Workstation
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/slocate-2.7-8.i586.rpm
Turbolinux slocate-debug-2.7-8.i586.rpm
Turbolinux 10 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/slocate-debug-2.7-8.i586.rpm
参考网址
来源: REDHAT
名称: RHSA-2005:747
链接:http://www.redhat.com/support/errata/RHSA-2005-747.HTML
来源: XF
名称: slocate-directory-structure-dos(22316)
链接:http://xforce.iss.net/xforce/xfdb/22316
来源: BID
名称: 14640
链接:http://www.securityfocus.com/bid/14640
来源: REDHAT
名称: RHSA-2005:346
链接:http://www.redhat.com/support/errata/RHSA-2005-346.HTML
来源: REDHAT
名称: RHSA-2005:345
链接:http://www.redhat.com/support/errata/RHSA-2005-345.HTML
来源: OSVDB
名称: 19034
链接:http://www.osvdb.org/19034
来源: SECTRACK
名称: 1014751
链接:http://securitytracker.com/id?1014751
受影响实体
- Slocate Slocate:2.1
- Slocate Slocate:2.2
- Slocate Slocate:2.3
- Slocate Slocate:2.4
- Slocate Slocate:2.5
补丁
暂无
评论