首页 -> 安全研究
安全研究
安全漏洞
TCL/TK 不安全的库搜索路径漏洞
发布日期:2001-07-19
更新日期:2002-08-14
受影响系统:
TCL/TK TCL/TK 8.3.2描述:
- Conectiva Linux 6.0
TCL/TK TCL/TK 8.3.3
- Conectiva Linux 7.0
- RedHat Linux 7.1
- RedHat Linux 7.0
BUGTRAQ ID: 3073
CVE(CAN) ID: CVE-2001-1375
Tcl是一种流行的命令编程语言,可以很方便地利用它来向一些交互程序发布命令。它还包括一个库软件包,里面包括Tcl语言解释器、实现内置Tcl命令的例程、以及一些扩展功能。TK是Tcl的一个扩展,用来为程序员提供一个与X11 Windows系统的编程接口。一些Linux系统带的Tcl/Tk开发环境中含有一些应用程序:tcl、tk、tix、tclX、expect和itcl。
Tcl/tk软件包在搜索自己的库文件时采用了不安全的搜索路径,可能允许本地用户提升权限。
Tcl在搜索其它目录之前会首先在当前工作目录中搜索自己的库,本地用户可以在一个用户可控制的目录下编写木马库程序。当其他用户(例如root用户)在该目录下执行tcl程序时,就可能执行攻击者指定的任意代码。本地攻击者可能利用这个漏洞提升权限。
<*来源:zen-parse (zen-parse@gmx.net)
链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226
https://www.redhat.com/support/errata/RHSA-2002-148.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 不要在其他用户可写的目录下运行tcl程序。
厂商补丁:
Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2001:409)以及相应补丁:
CLA-2001:409:Insecure runtime library search path
链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409
补丁下载:
tp://atualizacoes.conectiva.com.br/6.0/SRPMS/tcltk-8.3.2-2U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/tcl-8.3.2-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/tix-4.1.0.6.1-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/itcl-3.1.0-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/tcllib-0.4-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/tk-8.3.2-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/tclx-8.3.2-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/expect-5.32-2U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/tcltk-8.3.3-4U70_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tix-demos-4.1.0.6.1-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/expect-devel-5.32-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/expect-5.32-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/expect-devel-static-5.32-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/itcl-iwidgets2.2.0-demos-3.1.0-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tix-4.1.0.6.1-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tclx-devel-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tk-devel-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tk-devel-static-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tclx-devel-static-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/itcl-devel-static-3.1.0-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tclx-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tix-devel-static-4.1.0.6.1-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tclx-helpfiles-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/itcl-3.1.0-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tcl-devel-static-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tk-demos-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/itcl-devel-3.1.0-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tcllib-0.8-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tcl-devel-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tk-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tcl-8.3.3-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/tix-devel-4.1.0.6.1-4U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/itcl-iwidgets-demos-3.1.0-4U70_1cl.i386.rpm
Conectiva Linux version 6.0及以上版本的用户可以使用apt进行RPM包的更新:
- 把以下的文本行加入到/etc/apt/sources.list文件中:
rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates
(如果你不是使用6.0版本,用合适的版本号代替上面的6.0)
- 执行: apt-get update
- 更新以后,再执行: apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:148-06)以及相应补丁:
RHSA-2002:148-06:Updated Tcl/Tk packages fix local vulnerability
链接:https://www.redhat.com/support/errata/RHSA-2002-148.html
补丁下载:
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/tcltk-8.3.3-69.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/expect-5.32.2-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/itcl-3.2-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tcl-8.3.3-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tcllib-1.0-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tclx-8.3-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tk-8.3.3-69.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/expect-5.32.2-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/itcl-3.2-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tcl-8.3.3-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tcllib-1.0-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tclx-8.3-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tix-8.2.0b1-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tk-8.3.3-69.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/tcltk-8.3.3-69.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/expect-5.32.2-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/itcl-3.2-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tcl-8.3.3-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tcllib-1.0-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tclx-8.3-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tk-8.3.3-69.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/expect-5.32.2-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/itcl-3.2-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tcl-8.3.3-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tcllib-1.0-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tclx-8.3-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tix-8.2.0b1-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tk-8.3.3-69.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/expect-5.32.2-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/itcl-3.2-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tcl-8.3.3-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tcllib-1.0-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tclx-8.3-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tix-8.2.0b1-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tk-8.3.3-69.ia64.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
浏览次数:3845
严重程度:0(网友投票)
绿盟科技给您安全的保障