CVE-2001-1494
CVSS2.1
发布时间 :2001-12-31 00:00:00
修订时间 :2010-08-21 00:09:05
NMCO    

[原文]script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.


[CNNVD]Util-Linux脚本命令覆盖任意文件漏洞(CNNVD-200112-221)

        util-linux包2.11n之前版本的脚本命令存在漏洞。本地用户可以通过设置系统上类型脚本日志文件和任意文件的硬链接覆盖任意文件,然后执行目录脚本命令。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10723script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescr...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1494
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1494
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200112-221
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/7718
(PATCH)  XF  util-linux-script-hardlink(7718)
http://www.redhat.com/support/errata/RHSA-2005-782.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:782
http://seclists.org/bugtraq/2001/Dec/0123.html
(UNKNOWN)  BUGTRAQ  20011212 Silly 'script' hardlink bug
http://seclists.org/bugtraq/2001/Dec/0122.html
(UNKNOWN)  BUGTRAQ  20011213 Silly 'script' hardlink bug - fixed
http://www.securityfocus.com/bid/16280
(UNKNOWN)  BID  16280
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
(UNKNOWN)  MISC  http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
http://secunia.com/advisories/18502
(UNKNOWN)  SECUNIA  18502
http://secunia.com/advisories/16785
(UNKNOWN)  SECUNIA  16785

- 漏洞信息

Util-Linux脚本命令覆盖任意文件漏洞
低危 设计错误
2001-12-31 00:00:00 2005-10-20 00:00:00
本地  
        util-linux包2.11n之前版本的脚本命令存在漏洞。本地用户可以通过设置系统上类型脚本日志文件和任意文件的硬链接覆盖任意文件,然后执行目录脚本命令。

- 公告与补丁

        Util-linux 2.11n and subsequent versions are not vulnerable to this issue.
        RedHat has released advisory RHSA-2005:782-12 to address this issue. Please see the referenced advisory for more information.
        Avaya has released advisory ASA-2006-014 to identify vulnerable Avaya products. Avaya advises customers to ENTER actions for products which use vulnerable versions of util-linux and mount. Please see the referenced advisory for more information.

- 漏洞信息

19934
util-linux script Hardlink Arbitrary File Overwrite
Local Access Required Input Manipulation
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2001-12-12 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.11n or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站