漏洞信息详情
Igno_Saitz libmikmod '.XM'文件远程拒绝服务漏洞
- CNNVD编号:CNNVD-200901-231
- 危害等级: 中危
- CVE编号: CVE-2009-0179
- 漏洞类型: 资料不足
- 发布时间: 2009-01-20
- 威胁类型: 远程
- 更新时间: 2009-03-21
- 厂 商: igno_saitz
- 漏洞来源: Javier Serrano Polo
漏洞简介
当被MikMod和其他产品使用时,libmikmod 3.1.11到3.2.0版本允许用户协助式攻击者通过加载一个XM文件,引起拒绝服务攻击(应用程序崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: MandrakeSoft Linux Mandrake 2008.1 x86_64 Mandriva lib64mikmod-devel-3.1.11a-10.1mdv2008.1.x86_64.rpm http://www.mandriva.com/en/download/ Mandriva lib64mikmod2-3.1.11a-10.1mdv2008.1.x86_64.rpm http://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake 2008.1 Mandriva libmikmod-devel-3.1.11a-10.1mdv2008.1.i586.rpm http://www.mandriva.com/en/download/ Mandriva libmikmod2-3.1.11a-10.1mdv2008.1.i586.rpm http://www.mandriva.com/en/download/ MandrakeSoft Enterprise Server 5 x86_64 Mandriva lib64mikmod-devel-3.2.0-0.beta2.2.1mdvmes5.x86_64.rpm http://www.mandriva.com/en/download/ Mandriva lib64mikmod3-3.2.0-0.beta2.2.1mdvmes5.x86_64.rpm http://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake 2008.0 x86_64 Mandriva lib64mikmod-devel-3.1.11a-8.1mdv2008.0.x86_64.rpm http://www.mandriva.com/en/download/ Mandriva lib64mikmod2-3.1.11a-8.1mdv2008.0.x86_64.rpm http://www.mandriva.com/en/download/ MandrakeSoft Enterprise Server 5 Mandriva libmikmod-devel-3.2.0-0.beta2.2.1mdvmes5.i586.rpm http://www.mandriva.com/en/download/ Mandriva libmikmod3-3.2.0-0.beta2.2.1mdvmes5.i586.rpm http://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake 2008.0 Mandriva libmikmod-devel-3.1.11a-8.1mdv2008.0.i586.rpm http://www.mandriva.com/en/download/ Mandriva libmikmod2-3.1.11a-8.1mdv2008.0.i586.rpm http://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake 2009.0 Mandriva libmikmod-devel-3.2.0-0.beta2.2.1mdv2009.0.i586.rpm http://www.mandriva.com/en/download/ Mandriva libmikmod3-3.2.0-0.beta2.2.1mdv2009.0.i586.rpm http://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake 2009.0 x86_64 Mandriva lib64mikmod-devel-3.2.0-0.beta2.2.1mdv2009.0.x86_64.rpm http://www.mandriva.com/en/download/ Mandriva lib64mikmod3-3.2.0-0.beta2.2.1mdv2009.0.x86_64.rpm http://www.mandriva.com/en/download/
参考网址
来源: FEDORA 名称: FEDORA-2009-9112 链接:https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.HTML 来源: FEDORA 名称: FEDORA-2009-9095 链接:https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.HTML 来源: bugzilla.redhat.com 链接:https://bugzilla.redhat.com/show_bug.cgi?id=479833 来源: BID 名称: 33240 链接:http://www.securityfocus.com/bid/33240 来源: SECUNIA 名称: 34259 链接:http://secunia.com/advisories/34259 来源: MLIST 名称: [oss-security] 20090113 CVE Request -- libmikmod 链接:http://openwall.com/lists/oss-security/2009/01/13/2 来源: SUSE 名称: SUSE-SR:2009:006 链接:http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.HTML 来源: MISC 链接:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339
受影响实体
- Igno_saitz Libmikmod:3.1.9-1
- Igno_saitz Libmikmod:3.1.9-2
- Igno_saitz Libmikmod:3.1.9-3
- Igno_saitz Libmikmod:3.1.9-4
- Igno_saitz Libmikmod:3.1.9-5
补丁
暂无
评论