发布时间 :2005-10-05 17:02:00
修订时间 :2016-10-17 23:07:29

[原文]gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.

[CNNVD]Gnome-PTY-Helper UTMP主机名欺骗漏洞(CNNVD-200510-012)

        GNOME libzvt2和libvte4中的gnome-pty-helper本地用户可以借助修改过的DISPLAY环境变量欺骗登录主机名。注: 此问题的严重程度有争议。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20051007 gnome-pty-helper writes arbitrary utmp records
(UNKNOWN)  BID  15004
(UNKNOWN)  VUPEN  ADV-2005-1931
(UNKNOWN)  XF  libzvt-gnomeptyhelper-spoof(22496)

- 漏洞信息

Gnome-PTY-Helper UTMP主机名欺骗漏洞
低危 输入验证
2005-10-05 00:00:00 2005-10-20 00:00:00
        GNOME libzvt2和libvte4中的gnome-pty-helper本地用户可以借助修改过的DISPLAY环境变量欺骗登录主机名。注: 此问题的严重程度有争议。

- 公告与补丁


- 漏洞信息

GNOME libzvt gnome-pty-helper DISPLAY Variable Hostname Spoofing
Vendor Verified

- 漏洞描述

- 时间线

2005-09-21 Unknow
Unknow Unknow

- 解决方案


Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Gnome-PTY-Helper UTMP Hostname Spoofing Vulnerability
Input Validation Error 15004
No Yes
2005-10-03 12:00:00 2009-07-12 05:06:00
Paul Szabo <> disclosed this vulnerability.

- 受影响的程序版本

GNOME libzvt2 1.4.2
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0

- 漏洞讨论

'gnome-pty-helper' is susceptible to a local UTMP hostname spoofing vulnerability. This issue is due to the failure of the application to properly validate user-supplied data prior to using it to update UTMP records.

This vulnerability allows users to spoof remote hostname information in UTMP records. This may aid attackers by misdirecting administrators and users as to the correct origin of the attacker.

- 漏洞利用

A proof of concept exploit has been provided by Paul Szabo &lt;;:

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- 相关参考