glibc LD_PRELOAD variable file overwrite vulnerability
Published: 2001-01-27
Updated: 2001-01-27
Affected systems:
MandrakeSoft Corporate Server 1.0.1
MandrakeSoft Linux Mandrake 7.2
MandrakeSoft Linux Mandrake 7.1
MandrakeSoft Linux Mandrake 7.0
MandrakeSoft Linux Mandrake 6.1
MandrakeSoft Linux Mandrake 6.0
RedHat Linux 6.2
RedHat Linux 6.1
RedHat Linux 6.0
BUGTRAQ ID: 2223
CVE(CAN) ID: CVE-2001-0169
Description:
glibc 2.2 has a security problem. When a SUID or SGID program is executed, glibc lets the user preload the libraries named in the LD_PRELOAD environment variable (provided the library name contains no '/'), and glibc also performs a special check that any preloaded library has the SUID bit set. However, if the library file is listed in /etc/ld.so.cache, that check is skipped. It is therefore possible to have a library from /lib/ or /usr/lib loaded before a SUID or SGID program runs. This flaw lets a malicious user create files in restricted locations or overwrite other files (including system files). An attacker may be able to gain root privileges.
<*Source: [RHSA-2001:001-05] glibc file read or write access local vulnerability
MDKSA-2001:012 - glibc update
*>
Recommendation:
Vendor patches:
Several Linux vendors have already provided updated packages:
Red Hat Linux 6.0:
SRPMS:
ftp://updates.redhat.com/6.0/SRPMS/glibc-2.1.3-22.src.rpm
alpha:
ftp://updates.redhat.com/6.0/alpha/glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/nscd-2.1.3-22.alpha.rpm
i386:
ftp://updates.redhat.com/6.0/i386/glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/nscd-2.1.3-22.i386.rpm
sparc:
ftp://updates.redhat.com/6.0/sparc/glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/nscd-2.1.3-22.sparc.rpm
sparcv9:
ftp://updates.redhat.com/6.0/sparcv9/glibc-2.1.3-22.sparcv9.rpm
Red Hat Linux 6.1:
SRPMS:
ftp://updates.redhat.com/6.1/SRPMS/glibc-2.1.3-22.src.rpm
alpha:
ftp://updates.redhat.com/6.1/alpha/glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/nscd-2.1.3-22.alpha.rpm
i386:
ftp://updates.redhat.com/6.1/i386/glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm
sparc:
ftp://updates.redhat.com/6.1/sparc/glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/nscd-2.1.3-22.sparc.rpm
sparcv9:
ftp://updates.redhat.com/6.1/sparcv9/glibc-2.1.3-22.sparcv9.rpm
Red Hat Linux 6.2:
SRPMS:
ftp://updates.redhat.com/6.2/SRPMS/glibc-2.1.3-22.src.rpm
alpha:
ftp://updates.redhat.com/6.2/alpha/glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/nscd-2.1.3-22.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/i386/glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm
sparc:
ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/nscd-2.1.3-22.sparc.rpm
sparcv9:
ftp://updates.redhat.com/6.2/sparcv9/glibc-2.1.3-22.sparcv9.rpm
Linux-Mandrake 6.0:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
Linux-Mandrake 6.1:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
Linux-Mandrake 7.0:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
Linux-Mandrake 7.1:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/glibc-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/glibc-devel-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/glibc-profile-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/SRPMS/glibc-2.1.3-18.1mdk.src.rpm
Linux-Mandrake 7.2:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/glibc-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/glibc-devel-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/glibc-profile-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/SRPMS/glibc-2.1.3-18.3mdk.src.rpm
Corporate Server 1.0.1:
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPMS/glibc-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPMS/glibc-devel-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPMS/glibc-profile-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/SRPMS/glibc-2.1.3-18.1mdk.src.rpm
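As an added example (not part of the original advisory or of any vendor's tooling), the following Python checks the installed glibc package against the fixed releases named in the package lists above, so an administrator can tell from `rpm -q glibc` output whether a host still needs the update. The version comparison is a re-implementation of RPM's rpmvercmp segment rules written for this example, not code from the rpm project; the distribution keys and the sample `rpm -q glibc` lines are constructed for illustration.

```python
import re

# Fixed glibc (version, release) per distribution, read off the package
# file names in the advisory above. The keys are constructed labels.
FIXED_GLIBC = {
    "redhat-6.0": ("2.1.3", "22"),
    "redhat-6.1": ("2.1.3", "22"),
    "redhat-6.2": ("2.1.3", "22"),
    "mandrake-6.0": ("2.1.3", "18.2mdk"),
    "mandrake-6.1": ("2.1.3", "18.2mdk"),
    "mandrake-7.0": ("2.1.3", "18.2mdk"),
    "mandrake-7.1": ("2.1.3", "18.1mdk"),
    "mandrake-7.2": ("2.1.3", "18.3mdk"),
    "mandrake-corporate-1.0.1": ("2.1.3", "18.1mdk"),
}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two RPM version or release strings using the classic rpmvercmp
    rules (re-implemented here, an assumption of this example): split on
    non-alphanumerics into digit runs and letter runs; digit runs compare
    numerically, letter runs lexically, a digit run beats a letter run, and
    when one side runs out of segments the side with segments left is newer.
    Returns 1 if a is newer, -1 if b is newer, 0 if they are equal."""
    if a == b:
        return 0
    seg_a = _SEGMENT.findall(a)
    seg_b = _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x_num != y_num:
            return 1 if x_num else -1
        elif x != y:
            return 1 if x > y else -1
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def parse_rpm_line(line):
    """Split 'glibc-2.1.3-15' (the default `rpm -q glibc` output) into
    (name, version, release)."""
    name, version, release = line.strip().rsplit("-", 2)
    return name, version, release


def is_patched(distro, rpm_line):
    """True if the installed glibc is at or above the fixed release for the
    given distribution key; KeyError for a distribution the advisory does
    not cover, ValueError if the line is not a glibc package."""
    name, version, release = parse_rpm_line(rpm_line)
    if name != "glibc":
        raise ValueError("expected a glibc package line, got %r" % rpm_line)
    fixed_version, fixed_release = FIXED_GLIBC[distro]
    c = rpmvercmp(version, fixed_version)
    if c == 0:
        c = rpmvercmp(release, fixed_release)
    return c >= 0


def audit(inventory):
    """Evaluate (distro, rpm_line) pairs; returns (distro, rpm_line, patched)."""
    return [(d, line, is_patched(d, line)) for d, line in inventory]


if __name__ == "__main__":
    # Constructed sample inventory: distribution key plus `rpm -q glibc` output.
    sample = [
        ("redhat-6.2", "glibc-2.1.3-15"),
        ("redhat-6.2", "glibc-2.1.3-22"),
        ("mandrake-7.2", "glibc-2.1.3-18.1mdk"),
        ("mandrake-7.2", "glibc-2.1.3-18.3mdk"),
    ]
    for distro, line, ok in audit(sample):
        print("%-14s %-24s %s" % (distro, line, "patched" if ok else "VULNERABLE"))
```

The table encodes only the releases this advisory lists, so a host whose glibc belongs to a different vendor release line (for instance a glibc 2.2 build, which the description says is affected as well) falls outside its scope and needs the fixed release from that vendor's own advisory added to the table before the result means anything.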