CVE-2004-0494
CVSS7.5
发布时间 :2004-11-23 00:00:00
修订时间 :2010-08-21 00:20:38
NMCOPS    

[原文]Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.


[CNNVD]Gnome VFS 'extfs'脚本身份不明漏洞(CNNVD-200411-055)

        GNOME虚拟文件系统1.0.1之前版本的多个extfs后端脚本存在漏洞。远程攻击者可能借助gnome-vfs URI执行某些未授权的行为。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:redhat:linux_advanced_workstation:2.1::ia64
cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64
cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64
cpe:/o:redhat:enterprise_linux:2.1::workstation
cpe:/o:redhat:enterprise_linux:2.1::advanced_server
cpe:/o:redhat:enterprise_linux:3.0::advanced_server
cpe:/a:avaya:cvlan
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor
cpe:/o:redhat:enterprise_linux:3.0::workstation_server
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/o:redhat:enterprise_linux_desktop:3.0Red Hat Desktop 3.0
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9854Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized a...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0494
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0494
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200411-055
(官方数据源) CNNVD

- 其它链接及资源

http://www.redhat.com/support/errata/RHSA-2004-373.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:373
https://bugzilla.fedora.us/show_bug.cgi?id=1944
(UNKNOWN)  FEDORA  FLSA:1944
http://xforce.iss.net/xforce/xfdb/16897
(VENDOR_ADVISORY)  XF  gnome-vfs-extfs-gain-access(16897)
http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html
(UNKNOWN)  CONFIRM  http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html

- 漏洞信息

Gnome VFS 'extfs'脚本身份不明漏洞
高危 未知
2004-11-23 00:00:00 2005-10-20 00:00:00
远程  
        GNOME虚拟文件系统1.0.1之前版本的多个extfs后端脚本存在漏洞。远程攻击者可能借助gnome-vfs URI执行某些未授权的行为。

- 公告与补丁

        RedHat has released a Fedora Legacy advisory FLSA:1944 along with fixes for RedHat Linux. Please see the referenced advisory for more information.
        RedHat has released two advisories (FEDORA-2004-272, FEDORA-2004-273) to address this issue in Fedora Core 1 and Fedora Core 2. Please see the referenced advisories for more information.
        RedHat has released advisory RHSA-2004:373-13 and fixes to resolve this issue. Please see the referenced advisory for further information.
        Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Fixes are not currently available; customers are advised to remove Gnome packages from their server or apply patches supplied by the Operating System vendor. Please see the referenced Avaya advisory at the following location for further details:
        http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=198525&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()
        SGI has made available Patch 10095, correcting this vulnerability for systems running SGI Advanced Linux Environment 3:
        Patch 10095 is available from
        http://support.sgi.com/ and
        ftp://patches.sgi.com/support/free/security/patches/ProPack/3/
        The individual RPMs from Patch 10095 are available from:
        ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
        ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS
        SuSE Linux has released fixes for this issue.
        Fedora Core 3 advisory FEDORA-2004-514 including an updated version of Midnight Commander is available to address this issue. Please see the referenced advisory for more information.
        Red Hat has released advisory RHSA-2004:464-09 to address this issue in Midnight Commander for Red Hat Enterprise Linux. Please see the advisory in Web references for more information.
        
        RedHat Linux 7.3 i386
        
        RedHat Linux 9.0 i386
        
        S.u.S.E. Linux Personal 9.2
        

- 漏洞信息 (F33976)

RHSA-2004-373.txt (PacketStormID:F33976)
2004-08-06 00:00:00
 
linux,redhat
CVE-2004-0494
[点击下载]

Red Hat Security Advisory RHSA-2004:373 - Flaws have been found in several of the GNOME VFS extfs backend scripts. Red Hat Enterprise Linux ships with vulnerable scripts, but they are not used by default. An attacker who is able to influence a user to open a specially-crafted URI using gnome-vfs could perform actions as that user.

GNOME VFS updates address extfs vulnerability
Advisory: 	RHSA-2004:373-13
Last updated on: 	2004-08-04
Affected Products: 	Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): 	CAN-2004-0494

back

	  Security Advisory

Details:

Updated GNOME VFS packages that remove potential extfs-related
vulnerabilities are now available.

GNOME VFS is the GNOME virtual file system. It provides a modular
architecture and ships with several modules that implement support for file
systems, HTTP, FTP, and others. The extfs backends make it possible to
implement file systems for GNOME VFS using scripts.

Flaws have been found in several of the GNOME VFS extfs backend scripts.
Red Hat Enterprise Linux ships with vulnerable scripts, but they are not
used by default. An attacker who is able to influence a user to open a
specially-crafted URI using gnome-vfs could perform actions as that user.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0494 to this issue.

Users of Red Hat Enterprise Linux should upgrade to these updated packages,
which remove these unused scripts.

Updated packages:
Red Hat Desktop (v. 3)
AMD64:
gnome-vfs2-2.2.5-2E.1.x86_64.rpm 	    06271691a5533316f595d9d136204d15
gnome-vfs2-devel-2.2.5-2E.1.x86_64.rpm 	    fba4ca47955f92be0b082c6fa587b14a
 
SRPMS:
gnome-vfs2-2.2.5-2E.1.src.rpm 	    fbcb6e48b0e04a54383894867a79057d
 
i386:
gnome-vfs2-2.2.5-2E.1.i386.rpm 	    bf38b8427b6c60a93169a266cca8e8f1
gnome-vfs2-devel-2.2.5-2E.1.i386.rpm 	    f7f903cc6b74cb22153e25c9f78f4311
 
Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
gnome-vfs-1.0.1-18.1.src.rpm 	    a4cf8f82b440789276f366536e852588
 
i386:
gnome-vfs-1.0.1-18.1.i386.rpm 	    0d23312d359424e46b0fcb713b0eab85
gnome-vfs-devel-1.0.1-18.1.i386.rpm 	    c7e27477bc25189730309ad69bee1b00
 
ia64:
gnome-vfs-1.0.1-18.1.ia64.rpm 	    dc0ed88d802874697908d2b02f83a24c
gnome-vfs-devel-1.0.1-18.1.ia64.rpm 	    c9c83b9b1ce79fa7bfdbdf1cdd0c4fb5
 
Red Hat Enterprise Linux AS (v. 3)
AMD64:
gnome-vfs2-2.2.5-2E.1.x86_64.rpm 	    06271691a5533316f595d9d136204d15
gnome-vfs2-devel-2.2.5-2E.1.x86_64.rpm 	    fba4ca47955f92be0b082c6fa587b14a
 
SRPMS:
gnome-vfs2-2.2.5-2E.1.src.rpm 	    fbcb6e48b0e04a54383894867a79057d
 
i386:
gnome-vfs2-2.2.5-2E.1.i386.rpm 	    bf38b8427b6c60a93169a266cca8e8f1
gnome-vfs2-devel-2.2.5-2E.1.i386.rpm 	    f7f903cc6b74cb22153e25c9f78f4311
 
ia64:
gnome-vfs2-2.2.5-2E.1.ia64.rpm 	    9ec0d04f82412d17c699793367a7b980
gnome-vfs2-devel-2.2.5-2E.1.ia64.rpm 	    a0241d4990bbb961452ada3d4aacaceb
 
ppc:
gnome-vfs2-2.2.5-2E.1.ppc.rpm 	    4a471457ca073a26c762cca8fcd3ad88
gnome-vfs2-devel-2.2.5-2E.1.ppc.rpm 	    1f57211bf9d472e0e5ae6f6b9c1dad26
 
s390:
gnome-vfs2-2.2.5-2E.1.s390.rpm 	    14dfeb34e2193f74ae2598511e593ffd
gnome-vfs2-devel-2.2.5-2E.1.s390.rpm 	    d11d79d93d7a54a365400f81bf15c522
 
s390x:
gnome-vfs2-2.2.5-2E.1.s390x.rpm 	    177418bc2e61fc5b0f72d08c6c8dcade
gnome-vfs2-devel-2.2.5-2E.1.s390x.rpm 	    f70f90a1c8d47770441bcf09330809d1
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
gnome-vfs-1.0.1-18.1.src.rpm 	    a4cf8f82b440789276f366536e852588
 
i386:
gnome-vfs-1.0.1-18.1.i386.rpm 	    0d23312d359424e46b0fcb713b0eab85
gnome-vfs-devel-1.0.1-18.1.i386.rpm 	    c7e27477bc25189730309ad69bee1b00
 
Red Hat Enterprise Linux ES (v. 3)
AMD64:
gnome-vfs2-2.2.5-2E.1.x86_64.rpm 	    06271691a5533316f595d9d136204d15
gnome-vfs2-devel-2.2.5-2E.1.x86_64.rpm 	    fba4ca47955f92be0b082c6fa587b14a
 
SRPMS:
gnome-vfs2-2.2.5-2E.1.src.rpm 	    fbcb6e48b0e04a54383894867a79057d
 
i386:
gnome-vfs2-2.2.5-2E.1.i386.rpm 	    bf38b8427b6c60a93169a266cca8e8f1
gnome-vfs2-devel-2.2.5-2E.1.i386.rpm 	    f7f903cc6b74cb22153e25c9f78f4311
 
ia64:
gnome-vfs2-2.2.5-2E.1.ia64.rpm 	    9ec0d04f82412d17c699793367a7b980
gnome-vfs2-devel-2.2.5-2E.1.ia64.rpm 	    a0241d4990bbb961452ada3d4aacaceb
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
gnome-vfs-1.0.1-18.1.src.rpm 	    a4cf8f82b440789276f366536e852588
 
i386:
gnome-vfs-1.0.1-18.1.i386.rpm 	    0d23312d359424e46b0fcb713b0eab85
gnome-vfs-devel-1.0.1-18.1.i386.rpm 	    c7e27477bc25189730309ad69bee1b00
 
Red Hat Enterprise Linux WS (v. 3)
AMD64:
gnome-vfs2-2.2.5-2E.1.x86_64.rpm 	    06271691a5533316f595d9d136204d15
gnome-vfs2-devel-2.2.5-2E.1.x86_64.rpm 	    fba4ca47955f92be0b082c6fa587b14a
 
SRPMS:
gnome-vfs2-2.2.5-2E.1.src.rpm 	    fbcb6e48b0e04a54383894867a79057d
 
i386:
gnome-vfs2-2.2.5-2E.1.i386.rpm 	    bf38b8427b6c60a93169a266cca8e8f1
gnome-vfs2-devel-2.2.5-2E.1.i386.rpm 	    f7f903cc6b74cb22153e25c9f78f4311
 
ia64:
gnome-vfs2-2.2.5-2E.1.ia64.rpm 	    9ec0d04f82412d17c699793367a7b980
gnome-vfs2-devel-2.2.5-2E.1.ia64.rpm 	    a0241d4990bbb961452ada3d4aacaceb
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS:
gnome-vfs-1.0.1-18.1.src.rpm 	    a4cf8f82b440789276f366536e852588
 
ia64:
gnome-vfs-1.0.1-18.1.ia64.rpm 	    dc0ed88d802874697908d2b02f83a24c
gnome-vfs-devel-1.0.1-18.1.ia64.rpm 	    c9c83b9b1ce79fa7bfdbdf1cdd0c4fb5
 
(The unlinked packages above are only available from the Red Hat Network)

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494

Keywords:

extfs, gnome-vfs, gnome-vfs2
    

- 漏洞信息

8338
GNOME GnomeVFS extfs Backend Scripts Command Execution
Local Access Required Other
Loss of Integrity
Exploit Unknown

- 漏洞描述

GNOME GnomeVFS contains a flaw that may allow a malicious user to gain unauthorized privileges. The issue is due to an error in several GNOME VFS extfs back-end scripts. It is possible that the flaw may allow a remote attacker to perform actions with GNOME VFS user privileges, resulting in a loss of integrity.

- 时间线

2004-08-04 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Redhat has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Gnome VFS 'extfs' Scripts Undisclosed Vulnerability
Unknown 10864
Yes No
2004-08-04 12:00:00 2009-07-12 06:16:00
It is unknown at this time who originally discovered this vulnerability, but it was first disclosed by in a RedHat advisory.

- 受影响的程序版本

SGI Advanced Linux Environment 3.0
S.u.S.E. Linux Personal 9.2
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Avaya CVLAN

- 漏洞讨论

Gnome VFSs 'extfs' scripts are reported prone to an undisclosed vulnerability.

It is reported that a user that views specially crafted, attacker supplied URIs utilizing the 'extfs' VFS module may be able to execute arbitrary commands in the context of the user.

This BID will be updated as further information is disclosed.

- 漏洞利用

No exploit is required.

- 解决方案

RedHat has released a Fedora Legacy advisory FLSA:1944 along with fixes for RedHat Linux. Please see the referenced advisory for more information.

RedHat has released two advisories (FEDORA-2004-272, FEDORA-2004-273) to address this issue in Fedora Core 1 and Fedora Core 2. Please see the referenced advisories for more information.

RedHat has released advisory RHSA-2004:373-13 and fixes to resolve this issue. Please see the referenced advisory for further information.

Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Fixes are not currently available; customers are advised to remove Gnome packages from their server or apply patches supplied by the Operating System vendor. Please see the referenced Avaya advisory at the following location for further details:
http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=198525&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

SGI has made available Patch 10095, correcting this vulnerability for systems running SGI Advanced Linux Environment 3:

Patch 10095 is available from http://support.sgi.com/ and
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/

The individual RPMs from Patch 10095 are available from:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

SuSE Linux has released fixes for this issue.

Fedora Core 3 advisory FEDORA-2004-514 including an updated version of Midnight Commander is available to address this issue. Please see the referenced advisory for more information.

Red Hat has released advisory RHSA-2004:464-09 to address this issue in Midnight Commander for Red Hat Enterprise Linux. Please see the advisory in Web references for more information.


RedHat Linux 7.3 i386

RedHat Linux 9.0 i386

S.u.S.E. Linux Personal 9.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站