gpm-root Local Format String Vulnerability
Release date: 2001-12-28
Updated: 2002-01-09
Affected systems:
GPM gpm 1.17.8
- Debian Linux 2.2 arm
- Debian Linux 2.2 sparc
- Debian Linux 2.2 68k
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 alpha
- Debian Linux 2.2 powerpc
Description:
BUGTRAQ ID: 3750
CVE(CAN) ID: CVE-2001-1203
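gpm (General Mouse Protocol) is mouse driver software maintained in the public domain. It is free and open source, and runs on Linux and other UNIX-like platforms.
The gpm implementation contains a format string vulnerability that allows a local attacker to execute arbitrary instructions on the host through an overflow attack.
gpm does not correctly handle user-supplied format strings: a user can supply an arbitrary format string to the gpm-root program, which leads to execution of arbitrary instructions chosen by the attacker. The gpm program is run by the init process as root, so an attacker can use this vulnerability to gain administrator privileges on the host.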
<*Source: Debian Security Advisory
Link: http://www.debian.org/security/2001/dsa-095
*>
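The bug class described above, shown as an added C example (not gpm's code and not part of the original advisory): the vulnerable call pattern appears only as a comment, next to the hardened form and a small audit helper. The function names `render_label` and `count_directives` and the sample string are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (kept as a comment so it is never compiled):
 *     snprintf(out, n, untrusted);
 * The untrusted text sits in the format position, so the printf family
 * interprets any conversion specifiers it contains. */

/* Hardened form: the format is a constant and the untrusted text is only
 * data. Returns the number of bytes written, or -1 if it did not fit. */
int render_label(char *out, size_t n, const char *untrusted)
{
    int len = snprintf(out, n, "%s", untrusted);
    if (len < 0 || (size_t)len >= n) {
        if (n > 0)
            out[0] = '\0';   /* fail closed, never emit a truncated string */
        return -1;
    }
    return len;
}

/* Audit helper: count conversion specifiers in untrusted text so the input
 * can be logged or rejected. "%%" is a literal percent sign and is skipped. */
int count_directives(const char *s)
{
    int count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {
            s++;             /* skip the second '%' of an escaped pair */
            continue;
        }
        count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample input standing in for a user-supplied string. */
    const char *sample = "menu %x %s %n";
    char buf[64];
    int len = render_label(buf, sizeof buf, sample);
    printf("rendered %d bytes: [%s], directives: %d\n",
           len, buf, count_directives(sample));
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` makes GCC flag calls where a non-literal string is passed as the format with no further arguments, which is how the commented-out pattern is usually found in review.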
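Recommendations:
Temporary workaround:
If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:
* Temporarily stop using the gpm-root program.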
Vendor patch:
Debian
------
Debian has released a security advisory (DSA-095-1) and corresponding patches for this issue:
DSA-095-1: gpm local root vulnerability
Link: http://www.debian.org/security/2001/dsa-095
Patch download:
Debian GNU/Linux 2.2 (potato)
Source:
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8-18.1.dsc
http://security.debian.org/dists/stable/updates/main/source/gpm_1.17.8.orig.tar.gz
Alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/gpm_1.17.8-18.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1-dev_1.17.8-18.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libgpmg1_1.17.8-18.1_alpha.deb
ARM:
http://security.debian.org/dists/stable/updates/main/binary-arm/gpm_1.17.8-18.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1-dev_1.17.8-18.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libgpmg1_1.17.8-18.1_arm.deb
Intel IA-32:
http://security.debian.org/dists/stable/updates/main/binary-i386/gpm_1.17.8-18.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1-altdev_1.17.8-18.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpm1_1.17.8-18.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1-dev_1.17.8-18.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libgpmg1_1.17.8-18.1_i386.deb
Motorola 680x0:
http://security.debian.org/dists/stable/updates/main/binary-m68k/gpm_1.17.8-18.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1-altdev_1.17.8-18.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpm1_1.17.8-18.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1-dev_1.17.8-18.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libgpmg1_1.17.8-18.1_m68k.deb
PowerPC:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gpm_1.17.8-18.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1-dev_1.17.8-18.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libgpmg1_1.17.8-18.1_powerpc.deb
Sun Sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/gpm_1.17.8-18.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1-dev_1.17.8-18.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libgpmg1_1.17.8-18.1_sparc.deb