CVS Client RCS Diff Client File Overwrite Vulnerability

Published: 2004-04-22
Updated: 2004-04-27

Affected systems:
CVS CVS 12.2
CVS CVS 12.1
CVS CVS 1.11.6
CVS CVS 1.11.5
CVS CVS 1.11.4
CVS CVS 1.11.3
CVS CVS 1.11.2
CVS CVS 1.11.14
CVS CVS 1.11.11
CVS CVS 1.11.10
CVS CVS 1.11
CVS CVS 1.10.8
CVS CVS 1.10.7
CVS CVS 1.11.1p1
    - Debian Linux 3.0
    - OpenBSD 3.2
    - OpenBSD 3.1
    - RedHat Linux 7.3
    - RedHat Linux 7.2
    - RedHat Linux 7.1
    - RedHat Linux 7.0
    - RedHat Linux 6.2
    - SuSE Linux 8.1
    - SuSE Linux 8.0
Unaffected systems:
CVS CVS 12.7
CVS CVS 1.11.15
Description:
BUGTRAQ ID: 10138
CVE(CAN) ID: CVE-2004-0180

Concurrent Versions System (CVS) is an open-source version control system.

The CVS client does not sufficiently validate the path names it receives. A remote attacker who controls the responses of a CVS server can exploit this to create arbitrary files on the client system.

The problem is that, during an update or checkout operation, the CVS server supplies absolute path names in RCS diffs; when the client processes them, arbitrary files can be created on the client system.
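
As an added example (not code from CVS or from any of the advisories linked below), this is the check a client should apply to every server-supplied path name before creating a file during an update or checkout: absolute paths and any `..` component are rejected so the write stays inside the working directory. The function names and the working-directory path are assumptions for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Validate a path name received from the server (hypothetical helper).
 * Only POSIX '/' separators are handled; a Windows client would also
 * need to reject '\\' separators and drive-letter prefixes. */
bool server_pathname_is_safe(const char *path)
{
    if (path == NULL || *path == '\0')
        return false;
    /* An absolute path escapes the working directory outright. */
    if (path[0] == '/')
        return false;
    /* Walk each '/'-separated component; a bare ".." is a traversal.
     * Names such as "..foo" are ordinary file names and stay allowed. */
    const char *p = path;
    while (*p != '\0') {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;
        if (slash == NULL)
            break;
        p = slash + 1;
    }
    return true;
}

/* Build the on-disk target for a server-supplied name, refusing any
 * name that fails the check above.  Returns false when the name is
 * rejected or the result does not fit in the buffer. */
bool resolve_in_workdir(const char *workdir, const char *path,
                        char *out, size_t outlen)
{
    if (!server_pathname_is_safe(path))
        return false;
    int n = snprintf(out, outlen, "%s/%s", workdir, path);
    return n >= 0 && (size_t)n < outlen;
}
```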

<*Source: Sebastian Krahmer (krahmer@suse.de)

  Links: http://www.debian.org/security/2004/dsa-486
         ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc
         https://www.redhat.com/support/errata/RHSA-2004-154.html
*>

Recommendations:
Vendor patches:

CVS
---
The vendor has released upgrades that fix this security issue; download them from the vendor's homepage:

CVS CVS 1.11:

CVS Upgrade cvs-1.11.15.tar.gz
http://ccvs.cvshome.org/servlets/ProjectDownloadList?action=download&dlID=466

CVS Upgrade cvs-1.12.7.tar.gz
http://ccvs.cvshome.org/servlets/ProjectDownloadList?action=download&dlID=468

Debian
------
Debian has released a security advisory (DSA-486-1) and corresponding patches:
DSA-486-1: New cvs packages fix multiple vulnerabilities
Link: http://www.debian.org/security/2002/dsa-486

Patch downloads:

Source archives:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2.dsc
Size/MD5 checksum:      693 28b69f2fb8220898ca67c01315100f34
http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2.diff.gz
Size/MD5 checksum:    52099 91792f8108528075bcf13b065875b4db
http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian.orig.tar.gz
Size/MD5 checksum:  2621658 500965ab9702b31605f8c58aa21a6205

Alpha architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_alpha.deb
Size/MD5 checksum:  1178632 ad23bcdf83e3ce5253e0f1d7741600b8

ARM architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_arm.deb
Size/MD5 checksum:  1105142 143e7fd0c40a86cf34ec5a6b174fcd18

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_i386.deb
Size/MD5 checksum:  1094930 20f380681501e6a2da820404e0198d05

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_ia64.deb
Size/MD5 checksum:  1270908 c84aeccd424b890744f8aade97965b3f

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_hppa.deb
Size/MD5 checksum:  1147238 600d2778f0e8ab62f8194bc3fed09b23

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_m68k.deb
Size/MD5 checksum:  1065546 7199eddc8e0cb9e2e6a62e041d7257dd

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_mips.deb
Size/MD5 checksum:  1129628 c193b5312150906f08e5f0f9f262a053

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_mipsel.deb
Size/MD5 checksum:  1130946 d5e64bbf877d7875777b9a144e00f909

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_powerpc.deb
Size/MD5 checksum:  1116088 fca673b8d53f571a341502c569225609

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_s390.deb
Size/MD5 checksum:  1096904 7c22f2848da99ac592490ea23e71b8e3

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody2_sparc.deb
Size/MD5 checksum:  1107142 e2d10b43bcf8619e114365c389878936
Patch installation:

1. Install the patch package manually:

  First, download the patch with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch package automatically with apt-get:

   First, update the local package database:
   # apt-get update

   Then install the updated packages:
   # apt-get upgrade

FreeBSD
-------
http://www.debian.org/security/2004/dsa-486

RedHat
------
Red Hat has released a security advisory (RHSA-2004:154-01) and corresponding patches:
RHSA-2004:154-01: Updated CVS packages fix security issue
Link: https://www.redhat.com/support/errata/RHSA-2004-154.html

Patch downloads:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/cvs-1.11.2-17.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/cvs-1.11.2-17.i386.rpm

This vulnerability advisory was translated and compiled by NSFOCUS (绿盟科技). All rights reserved; reproduction without permission is prohibited.