漏洞信息详情
Axel HTTP重定向缓冲区溢出漏洞
- CNNVD编号:CNNVD-200505-580
- 危害等级: 高危
- CVE编号: CVE-2005-0390
- 漏洞类型: 缓冲区溢出
- 发布时间: 2005-05-02
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: axel
- 漏洞来源: Discovered by Ulf ...
漏洞简介
用于Axel的1.0b之前版本的conn.c中的HTTP重定向功能存在缓冲区溢出,远程攻击者可以借此执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Axel Axel 1.0 a
Axel Axel 1.0b
http://wilmer.gaast.net/downloads/axel-1.0b.tar.gz
Debian axel-kapt_1.0a-1woody1_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel-kapt_1.0a-1wo ody1_all.deb
Debian axel_1.0a-1woody1_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ alpha.deb
Debian axel_1.0a-1woody1_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ arm.deb
Debian axel_1.0a-1woody1_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ hppa.deb
Debian axel_1.0a-1woody1_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ i386.deb
Debian axel_1.0a-1woody1_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ ia64.deb
Debian axel_1.0a-1woody1_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ m68k.deb
Debian axel_1.0a-1woody1_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ mips.deb
Debian axel_1.0a-1woody1_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ mipsel.deb
Debian axel_1.0a-1woody1_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ powerpc.deb
Debian axel_1.0a-1woody1_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ s390.deb
Debian axel_1.0a-1woody1_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/a/axel/axel_1.0a-1woody1_ sparc.deb
参考网址
来源: BID
名称: 13059
链接:http://www.securityfocus.com/bid/13059
来源: DEBIAN
名称: DSA-706
链接:http://www.debian.org/security/2005/dsa-706
来源: GENTOO
名称: GLSA-200504-09
链接:http://security.gentoo.org/glsa/glsa-200504-09.xml
来源: SECUNIA
名称: 14831
链接:http://secunia.com/advisories/14831
来源: www.mail-archive.com
链接:http://www.mail-archive.com/[email protected]/msg118978.HTML
受影响实体
- Axel Axel:1.0a
补丁
暂无
评论