首页 -> 安全研究
安全研究
安全漏洞
SGI IRIX Checkpoint/Restart libcpr文件破坏漏洞
发布日期:2003-08-14
更新日期:2003-08-21
受影响系统:
SGI IRIX 6.5.9不受影响系统:
SGI IRIX 6.5.8
SGI IRIX 6.5.7
SGI IRIX 6.5.6
SGI IRIX 6.5.5
SGI IRIX 6.5.4
SGI IRIX 6.5.3
SGI IRIX 6.5.21
SGI IRIX 6.5.20 m
SGI IRIX 6.5.20 f
SGI IRIX 6.5.2
SGI IRIX 6.5.19
SGI IRIX 6.5.18
SGI IRIX 6.5.17 m
SGI IRIX 6.5.16
SGI IRIX 6.5.15
SGI IRIX 6.5.14
SGI IRIX 6.5.13
SGI IRIX 6.5.12
SGI IRIX 6.5.11
SGI IRIX 6.5.10
SGI IRIX 6.5.1
SGI IRIX 6.5
SGI IRIX 6.5.22描述:
BUGTRAQ ID: 8433
CVE(CAN) ID: CVE-2003-0679
IRIX是一款由SGI公司开发和维护的商业性质UNIX操作系统。
IRIX中包含的Checkpoint/Restart libcpr库存在问题,本地攻击者可以利用这个漏洞破坏本地文件。
checkpoint/restart (cpr)系统包含一个安全漏洞可导致普通用户截断或覆盖部分系统文件。攻击者需要本地帐户来利用这个漏洞。
漏洞存在于libcpr库的32位和64位版本,因此调用此库的应用程序都存在此漏洞。
<*来源:SGI Security Advisory
链接:ftp://patches.sgi.com/support/free/security/advisories/20030802-01-P
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 使用如下方法删除checkpoint / restart安装:
versions remove eoe.sw64.lib
versions remove eoe.sw.cpr
厂商补丁:
SGI
---
SGI已经为此发布了一个安全公告(20030802-01-P)以及相应补丁:
20030802-01-P:Checkpoint/Restart Vulnerability on IRIX
链接:ftp://patches.sgi.com/support/free/security/advisories/20030802-01-P
补丁下载:
SGI建议用户升级到IRIX 6.5.22版本或安装适当补丁。
补丁情况如下:
系统版本 是否受影响 补丁号 备注
---------- ----------- ------- -------------
IRIX 3.x 未知 备注 1
IRIX 4.x 未知 备注 1
IRIX 5.x 未知 备注 1
IRIX 6.0.x 未知 备注 1
IRIX 6.1 未知 备注 1
IRIX 6.2 未知 备注 1
IRIX 6.3 未知 备注 1
IRIX 6.4 未知 备注 1
IRIX 6.5 是 备注 2 & 3
IRIX 6.5.1 是 备注 2 & 3
IRIX 6.5.2 是 备注 2 & 3
IRIX 6.5.3 是 备注 2 & 3
IRIX 6.5.4 是 备注 2 & 3
IRIX 6.5.5 是 备注 2 & 3
IRIX 6.5.6 是 备注 2 & 3
IRIX 6.5.7 是 备注 2 & 3
IRIX 6.5.8 是 备注 2 & 3
IRIX 6.5.9 是 备注 2 & 3
IRIX 6.5.10 是 备注 2 & 3
IRIX 6.5.11 是 备注 2 & 3
IRIX 6.5.12 是 备注 2 & 3
IRIX 6.5.13 是 备注 2 & 3
IRIX 6.5.14 是 备注 2 & 3
IRIX 6.5.15 是 备注 2 & 3
IRIX 6.5.16 是 备注 2 & 3
IRIX 6.5.17m 是 5264 备注 2 & 4
IRIX 6.5.17f 是 5265 备注 2 & 4
IRIX 6.5.18m 是 5266 备注 2 & 4
IRIX 6.5.18f 是 5267 备注 2 & 4
IRIX 6.5.19m 是 5266 备注 2 & 4
IRIX 6.5.19f 是 5267 备注 2 & 4
IRIX 6.5.20m 是 5268 备注 2 & 4
IRIX 6.5.20f 是 5268 备注 2 & 4
IRIX 6.5.21m 是 5269 备注 2 & 4
IRIX 6.5.21f 是 5269 备注 2 & 4
IRIX 6.5.22 不
备注:
1) 这个版本的IRIX系统已经不再被维护了,请升级到受支持的版本,参看
http://support.sgi.com/irix/news/index.html#policy 来获得更多的信息。
2) 如果你还未收到一张IRIX 6.5.x for IRIX 6.5的CD,请联系SGI的支持部门,或访问:http://support.sgi.com
3) 升级到IRIX 6.5.22或者之后的版本。
4) 升级到IRIX 6.5.22或者安装补丁:
##### Patch File Checksums ####
Filename: README.patch.5264
Algorithm #1 (sum -r): 20767 8 README.patch.5264
Algorithm #2 (sum): 27308 8 README.patch.5264
MD5 checksum: 1EF8E031DE86F54CBFC37735EB5D9AE4
Filename: patchSG0005264
Algorithm #1 (sum -r): 26053 3 patchSG0005264
Algorithm #2 (sum): 29345 3 patchSG0005264
MD5 checksum: 45AF80C35DA53C994AD0CEFF4F76296F
Filename: patchSG0005264.eoe_man
Algorithm #1 (sum -r): 19286 27 patchSG0005264.eoe_man
Algorithm #2 (sum): 60606 27 patchSG0005264.eoe_man
MD5 checksum: FEF41A913435C459FCF267B6C911F41D
Filename: patchSG0005264.eoe_sw
Algorithm #1 (sum -r): 19573 1611 patchSG0005264.eoe_sw
Algorithm #2 (sum): 25521 1611 patchSG0005264.eoe_sw
MD5 checksum: 6CBA2D2CDC64F7420CEE046A95330A40
Filename: patchSG0005264.eoe_sw64
Algorithm #1 (sum -r): 16141 1619 patchSG0005264.eoe_sw64
Algorithm #2 (sum): 25242 1619 patchSG0005264.eoe_sw64
MD5 checksum: B0F17952BC0B17870157BFF07AAB0C42
Filename: patchSG0005264.idb
Algorithm #1 (sum -r): 19936 3 patchSG0005264.idb
Algorithm #2 (sum): 45364 3 patchSG0005264.idb
MD5 checksum: 2162254536CD958B21F6353F2EEFA8A5
Filename: README.patch.5265
Algorithm #1 (sum -r): 04261 8 README.patch.5265
Algorithm #2 (sum): 27302 8 README.patch.5265
MD5 checksum: 5DDD240FD555B630B04CEAC0F7AE5282
Filename: patchSG0005265
Algorithm #1 (sum -r): 57439 3 patchSG0005265
Algorithm #2 (sum): 31575 3 patchSG0005265
MD5 checksum: 4719B6B46C35566B43DFF8DB23246DA7
Filename: patchSG0005265.eoe_man
Algorithm #1 (sum -r): 05671 28 patchSG0005265.eoe_man
Algorithm #2 (sum): 9638 28 patchSG0005265.eoe_man
MD5 checksum: 4E15766E36B097842A0C786A7DDF8B0D
Filename: patchSG0005265.eoe_sw
Algorithm #1 (sum -r): 10897 1624 patchSG0005265.eoe_sw
Algorithm #2 (sum): 6529 1624 patchSG0005265.eoe_sw
MD5 checksum: C9FAB2FED609FC75A2F46DDFA9B67C38
Filename: patchSG0005265.eoe_sw64
Algorithm #1 (sum -r): 05404 1644 patchSG0005265.eoe_sw64
Algorithm #2 (sum): 3188 1644 patchSG0005265.eoe_sw64
MD5 checksum: 3B3D64345907908993B044CBF780D8A6
Filename: patchSG0005265.idb
Algorithm #1 (sum -r): 21943 3 patchSG0005265.idb
Algorithm #2 (sum): 45308 3 patchSG0005265.idb
MD5 checksum: 936DF09BB37AA603F6B0FA2B28E18B3C
Filename: README.patch.5266
Algorithm #1 (sum -r): 08692 8 README.patch.5266
Algorithm #2 (sum): 31072 8 README.patch.5266
MD5 checksum: FA136463F87C735E702284F75B1938ED
Filename: patchSG0005266
Algorithm #1 (sum -r): 17674 4 patchSG0005266
Algorithm #2 (sum): 40321 4 patchSG0005266
MD5 checksum: 08489A011D8F4DA809FF89BE624DA99E
Filename: patchSG0005266.eoe_man
Algorithm #1 (sum -r): 12782 27 patchSG0005266.eoe_man
Algorithm #2 (sum): 10895 27 patchSG0005266.eoe_man
MD5 checksum: 69A3E9F0DE805FC0B94A03FF53BFC637
Filename: patchSG0005266.eoe_sw
Algorithm #1 (sum -r): 58782 1612 patchSG0005266.eoe_sw
Algorithm #2 (sum): 15296 1612 patchSG0005266.eoe_sw
MD5 checksum: 6061F96E242CF3CEC8D6A037B0F00946
Filename: patchSG0005266.eoe_sw64
Algorithm #1 (sum -r): 24657 1622 patchSG0005266.eoe_sw64
Algorithm #2 (sum): 28645 1622 patchSG0005266.eoe_sw64
MD5 checksum: 56C8D4D949023B5A0143FCD0486E7460
Filename: patchSG0005266.idb
Algorithm #1 (sum -r): 48937 3 patchSG0005266.idb
Algorithm #2 (sum): 45386 3 patchSG0005266.idb
MD5 checksum: 5CADC70FA36E3D7B815B6F8FBB4F17BF
Filename: README.patch.5267
Algorithm #1 (sum -r): 14546 8 README.patch.5267
Algorithm #2 (sum): 31021 8 README.patch.5267
MD5 checksum: 76738A084F513775DD85B81D1BC94008
Filename: patchSG0005267
Algorithm #1 (sum -r): 28050 4 patchSG0005267
Algorithm #2 (sum): 45796 4 patchSG0005267
MD5 checksum: 5D6162E6DAA1FD1F28A4F3802BACED10
Filename: patchSG0005267.eoe_man
Algorithm #1 (sum -r): 13205 28 patchSG0005267.eoe_man
Algorithm #2 (sum): 31466 28 patchSG0005267.eoe_man
MD5 checksum: 98C7840C7122621251886E3B71A61EF3
Filename: patchSG0005267.eoe_sw
Algorithm #1 (sum -r): 05019 1627 patchSG0005267.eoe_sw
Algorithm #2 (sum): 51136 1627 patchSG0005267.eoe_sw
MD5 checksum: 4D5FA1874B547C87628BCBEC2CF79B10
Filename: patchSG0005267.eoe_sw64
Algorithm #1 (sum -r): 38088 1667 patchSG0005267.eoe_sw64
Algorithm #2 (sum): 15612 1667 patchSG0005267.eoe_sw64
MD5 checksum: 04EB12BE09E8692C782C2100522312B1
Filename: patchSG0005267.idb
Algorithm #1 (sum -r): 50194 3 patchSG0005267.idb
Algorithm #2 (sum): 45355 3 patchSG0005267.idb
MD5 checksum: 94E221BD2655DDB87E0FAB9183BA8F17
Filename: README.patch.5268
Algorithm #1 (sum -r): 18037 8 README.patch.5268
Algorithm #2 (sum): 30981 8 README.patch.5268
MD5 checksum: DD6677BA492188F1B8245A17DB07023C
Filename: patchSG0005268
Algorithm #1 (sum -r): 38890 4 patchSG0005268
Algorithm #2 (sum): 40273 4 patchSG0005268
MD5 checksum: D711BF0308FCAAF521CBE92CD937BFDB
Filename: patchSG0005268.eoe_man
Algorithm #1 (sum -r): 37809 29 patchSG0005268.eoe_man
Algorithm #2 (sum): 6758 29 patchSG0005268.eoe_man
MD5 checksum: 0B817D89AE398F9B74A22EBF82FA53D7
Filename: patchSG0005268.eoe_sw
Algorithm #1 (sum -r): 55940 1681 patchSG0005268.eoe_sw
Algorithm #2 (sum): 38833 1681 patchSG0005268.eoe_sw
MD5 checksum: AE134D3E422CD93BB8B48DD21C8D3202
Filename: patchSG0005268.eoe_sw64
Algorithm #1 (sum -r): 08461 1720 patchSG0005268.eoe_sw64
Algorithm #2 (sum): 30202 1720 patchSG0005268.eoe_sw64
MD5 checksum: 52152A157A071693552FDDC4D9E9C882
Filename: patchSG0005268.idb
Algorithm #1 (sum -r): 22080 3 patchSG0005268.idb
Algorithm #2 (sum): 45392 3 patchSG0005268.idb
MD5 checksum: 7178064E04B990777C76676028EB42DD
Filename: README.patch.5269
Algorithm #1 (sum -r): 01513 8 README.patch.5269
Algorithm #2 (sum): 31009 8 README.patch.5269
MD5 checksum: C67A1BF25201F9214C5970FF161B7903
Filename: patchSG0005269
Algorithm #1 (sum -r): 38700 4 patchSG0005269
Algorithm #2 (sum): 41945 4 patchSG0005269
MD5 checksum: 570D8BDD649B8B222E02431D6428BAC8
Filename: patchSG0005269.eoe_man
Algorithm #1 (sum -r): 38217 30 patchSG0005269.eoe_man
Algorithm #2 (sum): 34665 30 patchSG0005269.eoe_man
MD5 checksum: 5640D001B448B2A37F2852D299C6D584
Filename: patchSG0005269.eoe_sw
Algorithm #1 (sum -r): 25513 1690 patchSG0005269.eoe_sw
Algorithm #2 (sum): 49476 1690 patchSG0005269.eoe_sw
MD5 checksum: F91B19BCE94CF4195CB89EA23B4120ED
Filename: patchSG0005269.eoe_sw64
Algorithm #1 (sum -r): 47527 1724 patchSG0005269.eoe_sw64
Algorithm #2 (sum): 16549 1724 patchSG0005269.eoe_sw64
MD5 checksum: AC9DA4798C26691B5F78936EC0BE3F92
Filename: patchSG0005269.idb
Algorithm #1 (sum -r): 10586 3 patchSG0005269.idb
Algorithm #2 (sum): 45324 3 patchSG0005269.idb
MD5 checksum: EB3EE4E7651229DB47631B17336B81F6
浏览次数:3121
严重程度:0(网友投票)
绿盟科技给您安全的保障