安全研究
安全漏洞
SGI FAM可获取任意root属主目录文件列表漏洞
发布日期:2003-01-03
更新日期:2003-01-08
受影响系统:
SGI FAM不受影响系统:
- Debian Linux 3.0
- SGI IRIX 6.5.9m
- SGI IRIX 6.5.9f
- SGI IRIX 6.5.9
- SGI IRIX 6.5.8m
- SGI IRIX 6.5.8f
- SGI IRIX 6.5.8
- SGI IRIX 6.5.7m
- SGI IRIX 6.5.7f
- SGI IRIX 6.5.7
- SGI IRIX 6.5.6m
- SGI IRIX 6.5.6f
- SGI IRIX 6.5.6
- SGI IRIX 6.5.5m
- SGI IRIX 6.5.5f
- SGI IRIX 6.5.5
- SGI IRIX 6.5.4m
- SGI IRIX 6.5.4f
- SGI IRIX 6.5.4
- SGI IRIX 6.5.3m
- SGI IRIX 6.5.3f
- SGI IRIX 6.5.3
- SGI IRIX 6.5.2m
- SGI IRIX 6.5.2f
- SGI IRIX 6.5.2
- SGI IRIX 6.5.10m
- SGI IRIX 6.5.10f
- SGI IRIX 6.5.10
- SGI IRIX 6.5.1
- SGI IRIX 6.5
SGI FAM描述:
- SGI IRIX 6.5.18
SGI FAM
- SGI IRIX 6.5.17 m
SGI FAM
- SGI IRIX 6.5.17
SGI FAM
- SGI IRIX 6.5.16
SGI FAM
- SGI IRIX 6.5.15m
SGI FAM
- SGI IRIX 6.5.15f
SGI FAM
- SGI IRIX 6.5.15
SGI FAM
- SGI IRIX 6.5.14m
SGI FAM
- SGI IRIX 6.5.14f
SGI FAM
- SGI IRIX 6.5.14
SGI FAM
- SGI IRIX 6.5.13m
SGI FAM
- SGI IRIX 6.5.13f
SGI FAM
- SGI IRIX 6.5.13
SGI FAM
- SGI IRIX 6.5.12m
SGI FAM
- SGI IRIX 6.5.12f
SGI FAM
- SGI IRIX 6.5.12
SGI FAM
- SGI IRIX 6.5.11m
SGI FAM
- SGI IRIX 6.5.11f
SGI FAM
- SGI IRIX 6.5.11
BUGTRAQ ID: 5487
CVE(CAN) ID: CVE-2002-0875
fam是一款由SGI开发和维护的开放源代码文件更改监视工具,也可以使用在其他Linux和Unix操作系统下。
fam存在设计错误,本地攻击者可以利用这个漏洞获得高权限属主目录下的敏感文件名。
当执行FAM对某一个目录进行监视时,对于只属于组成员的用户来说,本应该只会返回Exists和EndExist事件,如:
# ls -ld /root
drwxr-x--- ... root root ... /root
# fam
% ./test -d /root
FAMMonitorDirectory("/root")
FAMMonitorDirectory("/root")
DIR /root: /root Exists
DIR /root: /root EndExist
但是,由于设计错误,执行FAM的时候会返回如下信息:
% ./test -d /root
FAMMonitorDirectory("/root")
FAMMonitorDirectory("/root")
DIR /root: /root Exists
DIR /root: .gnome Exists
DIR /root: Desktop Exists
...
导致泄露高权限目录中的敏感文件名。
<*来源:Michael Wardle (michael.wardle@adacel.com)
链接:ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
http://www.debian.org/security/2002/dsa-154
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-154-1)以及相应补丁:
DSA-154-1:New fam packages fix privilege escalation
链接:http://www.debian.org/security/2002/dsa-154
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2.dsc
Size/MD5 checksum: 582 c85dc0471332fee4a8c479a4da7f8c3c
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2.diff.gz
Size/MD5 checksum: 7630 47737eb840520df5d7c1424866627ff7
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1.orig.tar.gz
Size/MD5 checksum: 289005 fb1e2a2c01a2a568c2c0f67fa9b90e41
Alpha architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_alpha.deb
Size/MD5 checksum: 79350 3b81338188807cb5bca93b1ec6fb57cc
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_alpha.deb
Size/MD5 checksum: 33064 60940e8809a4bb24c66a3de71acbbcab
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_alpha.deb
Size/MD5 checksum: 36188 bfa26a28c9841cb7f27f359bc4f5db1d
ARM architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_arm.deb
Size/MD5 checksum: 60328 6407969c77d75c542d588ddbe0894326
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_arm.deb
Size/MD5 checksum: 29980 1cc6627f802ab8404d48ef2e909f45c8
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_arm.deb
Size/MD5 checksum: 27844 295f117c1f04a5026a9d1063e5d3ba30
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_i386.deb
Size/MD5 checksum: 59410 ad9b2cb638c5a8c6516ca7762543c418
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_i386.deb
Size/MD5 checksum: 29398 e38857597943d466c5e897dc780a4755
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_i386.deb
Size/MD5 checksum: 32352 caa455f94ae2762987ae7787fc5dde46
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_ia64.deb
Size/MD5 checksum: 88934 4391dd719917f6daccfa531523e50cd0
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_ia64.deb
Size/MD5 checksum: 35612 67210b45b17bd2b8b1e3a0f8637fb0df
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_ia64.deb
Size/MD5 checksum: 45790 a98b08fe026f84fb91f8bff9664538e0
HP Precision architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_hppa.deb
Size/MD5 checksum: 70668 a6471f295233dab67161c7a0dd64d33f
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_hppa.deb
Size/MD5 checksum: 32162 382fe3ba40ded1397b710d4bf777e0d9
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_hppa.deb
Size/MD5 checksum: 33464 057620d63f5a8d384e33bb38ba91e6e2
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_m68k.deb
Size/MD5 checksum: 57592 6b37b2878101173347e17f374e84f721
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_m68k.deb
Size/MD5 checksum: 29124 2c1dfc0ec88e3f07fa701ca69aaa44bc
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_m68k.deb
Size/MD5 checksum: 32912 b9936e5818e30388b16531a81ba2ff07
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_mips.deb
Size/MD5 checksum: 74602 6df218b9cf0d02ac80b14e804577398a
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_mips.deb
Size/MD5 checksum: 31370 b4de3a6b76911da3444ca6639989c38e
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_mips.deb
Size/MD5 checksum: 31894 fd8cce0df31ed5e90c8e7414f0c0fcd9
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_mipsel.deb
Size/MD5 checksum: 73924 17385ca599e2c96bf29b3ad629462d12
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_mipsel.deb
Size/MD5 checksum: 31458 6ded23d5b78f63ae2464cfd2186daec0
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_mipsel.deb
Size/MD5 checksum: 31724 c195749053e15ce4c58083e8bb19045a
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_powerpc.deb
Size/MD5 checksum: 58322 2d6c9f5656603d038927a58f8471fd4f
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_powerpc.deb
Size/MD5 checksum: 29892 6352ac12a99d6b96b08c0aa6230165df
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_powerpc.deb
Size/MD5 checksum: 33190 cb5b5e3abf22f06b96449c20ba910732
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_s390.deb
Size/MD5 checksum: 57232 6c739fb150162d7ecf6d5c6d1d1162a6
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_s390.deb
Size/MD5 checksum: 28484 5b72634dafe0c01dd299eb429464d698
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_s390.deb
Size/MD5 checksum: 32238 bfc10afb0c1319045ee8da9ddd73d231
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/fam/fam_2.6.6.1-5.2_sparc.deb
Size/MD5 checksum: 56796 f6e96ed2f69da1320b3a29ccea07ac9b
http://security.debian.org/pool/updates/main/f/fam/libfam-dev_2.6.6.1-5.2_sparc.deb
Size/MD5 checksum: 28808 3973d1c70bf91f4bc0a0665ef1dd5f83
http://security.debian.org/pool/updates/main/f/fam/libfam0_2.6.6.1-5.2_sparc.deb
Size/MD5 checksum: 30868 612c31405105f6ddfafdaf7a46ba8215
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
FreeBSD
-------
FreeBSD已经为此发布了一个安全公告(FreeBSD-SN-02:05)以及相应补丁:
FreeBSD-SN-02:05:security issues in ports
链接:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
建立FreeBSD系统用户升级相关PORT。
SGI
---
SGI已经为此发布了一个安全公告(20000301-03-I)以及相应补丁:
20000301-03-I:fam Vulnerability Update
链接:ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I
建议用户升级系统至IRIX 6.5.11及之后版本。
浏览次数:3980
严重程度:0(网友投票)
绿盟科技给您安全的保障