发布日期：2002-11-01
更新日期：2002-11-06

受影响系统：

log2mail log2mail 0.2.5.0
    - Debian Linux 3.0 i386
    - Debian Linux 3.0 sparc
    - Debian Linux 3.0 alpha
    - Debian Linux 3.0 IA-32
    - Debian Linux 3.0 arm
    - Debian Linux 3.0 powerpc
    - Debian Linux 3.0 68k

不受影响系统：

log2mail log2mail 0.2.7
log2mail log2mail 0.2.6
log2mail log2mail 0.2.5.1

描述：

---

BUGTRAQ  ID: 6089
CVE(CAN) ID: CVE-2002-1251

log2mail是一款用于监视日志文件，能通过邮件发送日志与模型匹配的工具。

log2mail守护程序对畸形日志处理不正确，远程攻击者可以利用这个漏洞进行缓冲区溢出攻击，可能以root用户权限在系统上执行任意指令。

log2mail守护程序在系统启动阶段运行，而且一般以root用户权限运行，攻击者可以提交特殊的(远程)日志消息，可导致堆栈中静态缓冲区溢出，精心提交日志消息数据可能以root用户权限在系统上执行任意指令。

<*来源：Enrico Zini
  
  链接：http://www.debian.org/security/2002/dsa-186
*>

建议：

---

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-186-1）以及相应补丁:
DSA-186-1：New log2mail packages fix several vulnerabilities
链接：http://www.debian.org/security/2002/dsa-186

补丁下载：

Source archives:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1.dsc
Size/MD5 checksum:      483 8e995f49a3dd170b6c736aec46f9b8ca
http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1.tar.gz
Size/MD5 checksum:    28992 c87f9e8dedba478f8df8c7e7284891c3

Alpha architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_alpha.deb
Size/MD5 checksum:    70210 5be1472a8bd242c1fdb2b7847a3e2901

ARM architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_arm.deb
Size/MD5 checksum:    31340 fe1d7c47b0059389fa9e0005293c5eee

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_i386.deb
Size/MD5 checksum:    38532 ca7b3f97063ee1de06eb2ec97c3c4f52

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_ia64.deb
Size/MD5 checksum:    49148 15761601c3ad47f58bdf033fd68b5b59

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_hppa.deb
Size/MD5 checksum:    44656 6e7585d858feaa409f98c24a3f2845dc

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_m68k.deb
Size/MD5 checksum:    38626 e7b51b9ccf6a92a9e449f8b6dbaaf948

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_mips.deb
Size/MD5 checksum:    48476 feb5fcd33b64f1dddd05a7a19653629f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_mipsel.deb
Size/MD5 checksum:    47776 614f65fe2efa766732f12c7f364751bb

PowerPC architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_powerpc.deb
Size/MD5 checksum:    36960 cd7dec5cb03828f1b68a061fdae8e3bb

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_s390.deb
Size/MD5 checksum:    37192 6043652b8d87daf781ddb3b6540c591c

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/log2mail/log2mail_0.2.5.1_sparc.deb
Size/MD5 checksum:    34836 e3c4cabc3e534c13d3fc8170384d3757

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：  
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update
  
   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

浏览次数：3048
严重程度：0（网友投票）