CVE-2005-0076
CVSS7.2
发布时间 :2005-05-02 00:00:00
修订时间 :2008-09-05 16:45:14
NMCOPS    

[原文]Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.


[CNNVD]XView多个缓冲区溢出漏洞(CNNVD-200505-555)

        XView library 3.2存在多个缓冲区溢出,本地用户可能可以借此通过使用该库的setid应用程序来执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0076
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0076
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-555
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/19271
(UNKNOWN)  XF  xview-xvparseone-bo(19271)
http://www.debian.org/security/2005/dsa-672
(UNKNOWN)  DEBIAN  DSA-672

- 漏洞信息

XView多个缓冲区溢出漏洞
高危 缓冲区溢出
2005-05-02 00:00:00 2005-10-20 00:00:00
本地  
        XView library 3.2存在多个缓冲区溢出,本地用户可能可以借此通过使用该库的setid应用程序来执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        xview xview 3.2 p1.4
        Debian olvwm_4.4.3.2p1.4-16woody2_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_alpha.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_arm.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_hppa.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_i386.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_ia64.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_m68k.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_mips.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_mipsel.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_powerpc.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_s390.deb
        Debian olvwm_4.4.3.2p1.4-16woody2_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olvwm_4.4.3.2p1.4 -16woody2_sparc.deb
        Debian olwm_3.2p1.4-16woody2_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_alpha.deb
        Debian olwm_3.2p1.4-16woody2_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_arm.deb
        Debian olwm_3.2p1.4-16woody2_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_hppa.deb
        Debian olwm_3.2p1.4-16woody2_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_i386.deb
        Debian olwm_3.2p1.4-16woody2_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_ia64.deb
        Debian olwm_3.2p1.4-16woody2_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_m68k.deb
        Debian olwm_3.2p1.4-16woody2_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_mips.deb
        Debian olwm_3.2p1.4-16woody2_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_mipsel.deb
        Debian olwm_3.2p1.4-16woody2_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_powerpc.deb
        Debian olwm_3.2p1.4-16woody2_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_s390.deb
        Debian olwm_3.2p1.4-16woody2_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/olwm_3.2p1.4-16wo ody2_sparc.deb
        Debian xview-clients_3.2p1.4-16woody2_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/xview-clients_3.2 p1.4-16woody2_alpha.deb
        Debian xview-clients_3.2p1.4-16woody2_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/x/xview/xview-clients_3.2 p1.4-16woody2_arm.deb
        Debian xview-clients_3.2p1.4-16woody2_hppa.deb
        Debian G

- 漏洞信息 (F36133)

dsa-672.txt (PacketStormID:F36133)
2005-02-23 00:00:00
 
advisory,overflow,arbitrary,root
linux,debian
CVE-2005-0076
[点击下载]

Debian Security Advisory 672-1 - It was discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as privileged user.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 672-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
February 9th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : xview
Vulnerability  : buffer overflows
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2005-0076

Erik Sj    

- 漏洞信息

13672
XView xv_parse_one() Local Overflow
Local Access Required Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

A local overflow exists in xview. xview fails to verify the boundary in the xv_parse_one() function in xv_parser.c resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code with privileges via a setuid application linked against the library resulting in a loss of integrity.

- 时间线

2005-02-10 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 3.2p1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

XView Multiple Unspecified Local Buffer Overflow Vulnerabilities
Boundary Condition Error 12500
No Yes
2005-02-09 12:00:00 2009-07-12 10:06:00
Discovery is credited to Erik Sj lund.

- 受影响的程序版本

xview xview 3.2 p1.4
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0

- 漏洞讨论

It is reported that a number of unspecified buffer overflow vulnerabilities exist in the xview library. These issues could allow a local user to execute arbitrary code via linked executables that are installed with setuid privileges.

Debian has identified these issues in xview-3.2p1.4. Other versions affecting various platforms may be vulnerable as well.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Debian has released advisory DSA 672-1 to address this issue. Please see the referenced advisory for more information.


xview xview 3.2 p1.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站