漏洞信息详情
digimode hf 本地特权升级漏洞
- CNNVD编号:CNNVD-200811-423
- 危害等级: 高危
- CVE编号: CVE-2008-2378
- 漏洞类型: 权限许可和访问控制
- 发布时间: 2008-11-26
- 威胁类型: 本地
- 更新时间: 2008-12-03
- 厂 商: hf
- 漏洞来源: Steve Kemp
漏洞简介
hf是一个声卡digimode程序,可以监控和传输PACTOR、AMTOR、GTOR和RTTY。
hf 0.7.3和0.8 hfkerne的不受信任搜索路径漏洞。此漏洞允许本地用户通过一个木马程序在目录的路径中获得特权,此漏洞与-k参数有关。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Debian Linux 4.0 amd64
Debian hf_0.7.3-4etch1_amd64.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_amd64.deb
Debian Linux 4.0 mipsel
Debian hf_0.7.3-4etch1_mipsel.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_mipsel.deb
Debian Linux 4.0 ia-32
Debian hf_0.7.3-4etch1_i386.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_i386.deb
Debian Linux 4.0 arm
Debian hf_0.7.3-4etch1_arm.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_arm.deb
Debian Linux 4.0 hppa
Debian hf_0.7.3-4etch1_hppa.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_hppa.deb
Debian Linux 4.0 sparc
Debian hf_0.7.3-4etch1_sparc.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_sparc.deb
Debian Linux 4.0 s/390
Debian hf_0.7.3-4etch1_s390.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_s390.deb
Debian Linux 4.0 powerpc
Debian hf_0.7.3-4etch1_powerpc.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_powerpc.deb
Debian Linux 4.0 alpha
Debian hf_0.7.3-4etch1_alpha.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_alpha.deb
Debian Linux 4.0 ia-64
Debian hf_0.7.3-4etch1_ia64.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_ia64.deb
Debian Linux 4.0 mips
Debian hf_0.7.3-4etch1_mips.deb
http://security.debian.org/pool/updates/main/h/hf/hf_0.7.3-4etch1_mips.deb
参考网址
来源: BID
名称: 32421
链接:http://www.securityfocus.com/bid/32421
来源: DEBIAN
名称: DSA-1668
链接:http://www.debian.org/security/2008/dsa-1668
来源: SECUNIA
名称: 32855
; Patch Information
链接:http://secunia.com/advisories/32855
来源: XF
名称: hf-hfkernel-privilege-escalation(46806)
链接:http://xforce.iss.net/xforce/xfdb/46806
来源: SECUNIA
名称: 32831
链接:http://secunia.com/advisories/32831
来源: OSVDB
名称: 50231
链接:http://osvdb.org/50231
来源: bugs.debian.org
链接:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182
受影响实体
- Hf Hf:0.7.3
- Hf Hf:0.8
补丁
暂无
评论