CVE-2002-1124
CVSS7.2
发布时间 :2002-09-24 00:00:00
修订时间 :2008-09-05 16:29:51
NMCOS    

[原文]Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables.


[CNNVD]Purity本地缓冲区溢出漏洞(CNNVD-200209-050)

        
        purity是一款安装在Debian系统下的游戏程序。
        purity存在多个本地缓冲区溢出问题,本地攻击者以利用这些漏洞以game组的权限在系统上执行任意指令。
        purity对用户提交的数据缺少正确的缓冲区边界检查,由于purity以game的组ID默认安装,成功利用这个漏洞可导致本地用户权限提升。
        <*链接:http://www.debian.org/security/2002/dsa-166
        *>

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:purity:purity:1.9
cpe:/a:purity:purity:1.15
cpe:/a:purity:purity:1.14

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1124
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1124
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200209-050
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/5702
(VENDOR_ADVISORY)  BID  5702
http://www.debian.org/security/2002/dsa-166
(VENDOR_ADVISORY)  DEBIAN  DSA-166
http://www.iss.net/security_center/static/10100.php
(VENDOR_ADVISORY)  XF  linux-purity-bo(10100)

- 漏洞信息

Purity本地缓冲区溢出漏洞
高危 边界条件错误
2002-09-24 00:00:00 2005-10-20 00:00:00
本地  
        
        purity是一款安装在Debian系统下的游戏程序。
        purity存在多个本地缓冲区溢出问题,本地攻击者以利用这些漏洞以game组的权限在系统上执行任意指令。
        purity对用户提交的数据缺少正确的缓冲区边界检查,由于purity以game的组ID默认安装,成功利用这个漏洞可导致本地用户权限提升。
        <*链接:http://www.debian.org/security/2002/dsa-166
        *>

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 暂时去掉Purity的setgid位属性。
        厂商补丁:
        Debian
        ------
        Debian已经为此发布了一个安全公告(DSA-166-1)以及相应补丁:
        DSA-166-1:New purity packages fix potential buffer overflows
        链接:
        http://www.debian.org/security/2002/dsa-166

        补丁下载:
        Source archives:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1.dsc

        Size/MD5 checksum: 513 a7a4276a6c694131a5b3bd58703c8c05
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1.diff.gz

        Size/MD5 checksum: 5147 db47d2d1f51b5f8c97bcb93974b7b5cf
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1.orig.tar.gz

        Size/MD5 checksum: 22249 19cbbd136a94aae3d175d8ccc963368d
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_alpha.deb

        Size/MD5 checksum: 29176 f69989e76361e30813eb233aa500b9c6
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_arm.deb

        Size/MD5 checksum: 27762 169dce544dcab575cc126800eeabb6ce
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_i386.deb

        Size/MD5 checksum: 27404 6eb60f91f4cd3730bef018115268c568
        Motorola 680x0 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_m68k.deb

        Size/MD5 checksum: 26934 d1337244388c4b5a183b379e34b37fd1
        PowerPC architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_powerpc.deb

        Size/MD5 checksum: 27760 140ce3d691acc98c27dd6851972db0e9
        Sun Sparc architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-9.1_sparc.deb

        Size/MD5 checksum: 29952 cb2b48e0465b48b89b220feb30818113
        Debian GNU/Linux 3.0 alias woody
        - --------------------------------
        Source archives:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2.dsc

        Size/MD5 checksum: 550 8e669427422857640b0531e3566706f9
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2.diff.gz

        Size/MD5 checksum: 6171 6901ba40ea0938bab43a893e4f75da8a
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1.orig.tar.gz

        Size/MD5 checksum: 22249 19cbbd136a94aae3d175d8ccc963368d
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_alpha.deb

        Size/MD5 checksum: 28890 ecb67c79c8047cc631cf63d6fcd93996
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_arm.deb

        Size/MD5 checksum: 27434 6bb8ed0579e96fcff971086d750937ce
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_i386.deb

        Size/MD5 checksum: 26906 7ec62b9371253879b93fe6db0ef75945
        Intel IA-64 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_ia64.deb

        Size/MD5 checksum: 30694 7c26d3db982acf14a2e8133cf204e164
        HP Precision architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_hppa.deb

        Size/MD5 checksum: 29234 ceb6569248e96d1fd415de15f8f26370
        Motorola 680x0 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_m68k.deb

        Size/MD5 checksum: 26560 4385599f2f16238c4b2628c9a8fc54cc
        Big endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_mips.deb

        Size/MD5 checksum: 27798 e6b360203cd31c13f19d5bc257684f64
        Little endian MIPS architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_mipsel.deb

        Size/MD5 checksum: 27756 12bb21c88be3011bfd50045a73361255
        PowerPC architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_powerpc.deb

        Size/MD5 checksum: 27306 c782697984b5e8ae83ed16c594d80437
        IBM S/390 architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_s390.deb

        Size/MD5 checksum: 27624 c370933a2db896857c5fa3bb86a2a2db
        Sun Sparc architecture:
        
        http://security.debian.org/pool/updates/main/p/purity/purity_1-14.2_sparc.deb

        Size/MD5 checksum: 29980 e48dcb304202e2e29634bd51dbd307a3
        补丁安装方法:
        1. 手工安装补丁包:
         首先,使用下面的命令来下载补丁软件:
         # wget url (url是补丁下载链接地址)
         然后,使用下面的命令来安装补丁:
         # dpkg -i file.deb (file是相应的补丁名)
        2. 使用apt-get自动安装补丁包:
         首先,使用下面的命令更新内部数据库:
         # apt-get update
        
         然后,使用下面的命令安装更新软件包:
         # apt-get upgrade

- 漏洞信息

8871
purity Multiple Unspecified Local Overflows
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-09-13 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Purity Local Buffer Overflow Vulnerabilities
Boundary Condition Error 5702
No Yes
2002-09-13 12:00:00 2009-07-11 05:06:00
Discovery is credited to Snosoft.

- 受影响的程序版本

Purity Purity 1-9
Purity Purity 1-15
Purity Purity 1-14
Purity Purity 1-16

- 不受影响的程序版本

Purity Purity 1-16

- 漏洞讨论

Purity is reported to be prone to a number of buffer overflows, making it possible for local attackers to corrupt memory with attacker-supplied data. As a result, it is possible for an attacker to execute arbitrary code. The game is installed setgid, and successful exploitation of these issues may allow for elevation of privileges. In most installations the group owner is the games user.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Upgrades are available:


Purity Purity 1-14

Purity Purity 1-9

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站