安全研究
安全漏洞
GDM Xsession-Errors不安全文件处理漏洞
发布日期:2003-08-21
更新日期:2003-08-27
受影响系统:
Martin K. Peterson gdm 2.4.1.5描述:
Martin K. Peterson gdm 2.4.1.4
Martin K. Peterson gdm 2.4.1.3
Martin K. Peterson gdm 2.4.1.2
Martin K. Peterson gdm 2.4.1.1
Martin K. Peterson gdm 2.4.1
Martin K. Peterson gdm 2.2.0
Martin K. Peterson gdm 2.4.1.6
- Mandrake Linux 9.0
- RedHat Linux 9.0
BUGTRAQ ID: 8469
GDM是一款X下的GNOME显示管理器。XDMCP是X显示管理控制协议。
GDM不安全处理'.xsession-errors'文件,本地攻击者可以利用这个漏洞以root用户权限查看系统上敏感文件内容。
这个漏洞可以通过GDM的"检查会话错误"特征来完成,此功能用于显示在调用用户HOME目录下'.xsession-errors'文件中的内容。由于在处理这个文件时没有进行充分的过滤检查,可导致攻击者使用符号连接替代这个文件为任意系统文件,由于GDM默认以setuid root属性安装,因此可以以root用户权限查看系统上的任意文件内容。
<*来源:Red Hat Security Advisory
链接:https://www.redhat.com/support/errata/RHSA-2003-258.html
http://www.linux-mandrake.com/en/security/2003/2003-085.php
*>
建议:
厂商补丁:
MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2003:085)以及相应补丁:
MDKSA-2003:085:Updated gdm packages fix vulnerabilities
链接:http://www.linux-mandrake.com/en/security/2003/2003-085.php
补丁下载:
Updated Packages:
Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/gdm-2.4.1.6-0.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/gdm-Xnest-2.4.1.6-0.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/gdm-2.4.1.6-0.2mdk.src.rpm
Corporate Server 2.1/x86_64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/gdm-2.4.1.6-0.2mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/gdm-Xnest-2.4.1.6-0.2mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/SRPMS/gdm-2.4.1.6-0.2mdk.src.rpm
Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/gdm-2.4.1.6-0.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/gdm-Xnest-2.4.1.6-0.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/gdm-2.4.1.6-0.2mdk.src.rpm
Mandrake Linux 9.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/gdm-2.4.1.6-0.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/gdm-Xnest-2.4.1.6-0.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/SRPMS/gdm-2.4.1.6-0.3mdk.src.rpm
Mandrake Linux 9.1/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/gdm-2.4.1.6-0.3mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/gdm-Xnest-2.4.1.6-0.3mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/SRPMS/gdm-2.4.1.6-0.3mdk.src.rpm
上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2003:258-01)以及相应补丁:
RHSA-2003:258-01:GDM allows local user to read any file.
链接:https://www.redhat.com/support/errata/RHSA-2003-258.html
补丁下载:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/gdm-2.0beta2-46.src.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/gdm-2.0beta2-46.i386.rpm
Red Hat Linux 7.1 for iSeries (64 bit):
SRPMS:
ftp://updates.redhat.com/7.1/en/os/iSeries/SRPMS/gdm-2.0beta2-46.src.rpm
ppc:
ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/gdm-2.0beta2-46.ppc.rpm
Red Hat Linux 7.1 for pSeries (64 bit):
SRPMS:
ftp://updates.redhat.com/7.1/en/os/pSeries/SRPMS/gdm-2.0beta2-46.src.rpm
ppc:
ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/gdm-2.0beta2-46.ppc.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/gdm-2.2.3.1-21.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/gdm-2.2.3.1-21.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/gdm-2.2.3.1-21.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/gdm-2.2.3.1-23.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/gdm-2.2.3.1-23.i386.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/gdm-2.4.0.7-14.src.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/gdm-2.4.0.7-14.i386.rpm
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/gdm-2.4.1.3-5.1.src.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/gdm-2.4.1.3-5.1.i386.rpm
浏览次数:3236
严重程度:0(网友投票)
绿盟科技给您安全的保障