首页 -> 安全研究
安全研究
安全漏洞
Imlib NetPBM相关性漏洞
发布日期:2002-03-21
更新日期:2002-03-27
受影响系统:
Imlib Imlib 1.9.9不受影响系统:
Imlib Imlib 1.9.7
Imlib Imlib 1.9.6
Imlib Imlib 1.9.5
Imlib Imlib 1.9.4
Imlib Imlib 1.9.3
Imlib Imlib 1.9.2
Imlib Imlib 1.9.12
Imlib Imlib 1.9.11
Imlib Imlib 1.9.1
Imlib Imlib 1.9
Imlib Imlib 1.9.10
- RedHat Linux 7.2
Imlib Imlib 1.9.8
- RedHat Linux 7.1
- RedHat Linux 7.0
- RedHat Linux 6.2
Imlib Imlib 1.9.4描述:
BUGTRAQ ID: 4339
CVE(CAN) ID: CVE-2002-0167
Imlib是允许X11程序使用各种图象文件格式的库文件。
Imlib在装载图象文件时处理存在漏洞可导致装载不信任图象文件。
Imlib装载图象文件通过NETPBM包来处理,存在各种问题如设置相关图象文件等可导致装载不信任图象文件,攻击者可以自己构建图象文件,设置相关环境变量,导致任意代码以查看图象文件用户身份被执行。
<*链接:https://www.redhat.com/support/errata/RHSA-2002-048.html
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 暂时没有好的临时解决方法。
厂商补丁:
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:048-06)以及相应补丁:
RHSA-2002:048-06:New imlib packages available
链接:https://www.redhat.com/support/errata/RHSA-2002-048.html
补丁下载:
Red Hat Linux 6.2:
SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/imlib-1.9.13-2.6.x.src.rpm
alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/imlib-1.9.13-2.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/imlib-cfgeditor-1.9.13-2.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/imlib-devel-1.9.13-2.6.x.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/en/os/i386/imlib-1.9.13-2.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/imlib-cfgeditor-1.9.13-2.6.x.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/imlib-devel-1.9.13-2.6.x.i386.rpm
sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/imlib-1.9.13-2.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/imlib-cfgeditor-1.9.13-2.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/imlib-devel-1.9.13-2.6.x.sparc.rpm
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/imlib-1.9.13-2.7.x.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/imlib-1.9.13-2.7.x.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/imlib-cfgeditor-1.9.13-2.7.x.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/imlib-devel-1.9.13-2.7.x.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/imlib-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/imlib-cfgeditor-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/imlib-devel-1.9.13-2.7.x.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/imlib-1.9.13-2.7.x.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/imlib-1.9.13-2.7.x.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/imlib-cfgeditor-1.9.13-2.7.x.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/imlib-devel-1.9.13-2.7.x.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/imlib-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/imlib-cfgeditor-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/imlib-devel-1.9.13-2.7.x.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/imlib-1.9.13-2.7.x.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/imlib-cfgeditor-1.9.13-2.7.x.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/imlib-devel-1.9.13-2.7.x.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/imlib-1.9.13-2.7.x.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/imlib-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/imlib-cfgeditor-1.9.13-2.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/imlib-devel-1.9.13-2.7.x.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/imlib-1.9.13-2.7.x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/imlib-cfgeditor-1.9.13-2.7.x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/imlib-devel-1.9.13-2.7.x.ia64.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
浏览次数:3199
严重程度:0(网友投票)
绿盟科技给您安全的保障