CVE-2005-0077
CVSS2.1
发布时间 :2005-05-02 00:00:00
修订时间 :2016-10-17 23:07:43
NMCOPS    

[原文]The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.


[CNNVD]Perl DBI本地文件破坏漏洞(CNNVD-200505-723)

        DBI::ProxyServer是perl的DBI库包含的模块。
        DBI::ProxyServer模块在建立PID文件时不够安全,本地攻击者可以利用这个漏洞通过符号链接以用户进程权限覆盖系统任意文件。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:gentoo:linuxGentoo Linux
cpe:/o:debian:debian_linux:3.0::woody
cpe:/o:redhat:enterprise_linux:4.0::enterprise_server
cpe:/o:redhat:enterprise_linux:4.0::advanced_server
cpe:/o:redhat:enterprise_linux:4.0::workstation
cpe:/o:redhat:enterprise_linux_desktop:4.0Red Hat Desktop 4.0
cpe:/o:ubuntu:ubuntu_linux:4.10

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10552arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exc...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0077
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0077
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-723
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=110667936707597&w=2
(UNKNOWN)  BUGTRAQ  20050125 [USN-70-1] Perl DBI module vulnerability
http://securitytracker.com/id?1013007
(UNKNOWN)  SECTRACK  1013007
http://www.debian.org/security/2005/dsa-658
(VENDOR_ADVISORY)  DEBIAN  DSA-658
http://www.gentoo.org/security/en/glsa/glsa-200501-38.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200501-38
http://www.mandriva.com/security/advisories?name=MDKSA-2005:030
(UNKNOWN)  MANDRAKE  MDKSA-2005:030
http://www.redhat.com/support/errata/RHSA-2005-072.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:072
http://www.securityfocus.com/archive/1/archive/1/426530/30/6600/threaded
(UNKNOWN)  FEDORA  FLSA-2006:178989
http://www.securityfocus.com/bid/12360
(UNKNOWN)  BID  12360
http://xforce.iss.net/xforce/xfdb/19068
(VENDOR_ADVISORY)  XF  dbi-library-file-overwrite(19068)

- 漏洞信息

Perl DBI本地文件破坏漏洞
低危 设计错误
2005-05-02 00:00:00 2005-10-20 00:00:00
本地  
        DBI::ProxyServer是perl的DBI库包含的模块。
        DBI::ProxyServer模块在建立PID文件时不够安全,本地攻击者可以利用这个漏洞通过符号链接以用户进程权限覆盖系统任意文件。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://www.debian.org/security/2005/dsa-658

- 漏洞信息 (F35899)

dsa-658.txt (PacketStormID:F35899)
2005-01-26 00:00:00
 
advisory,arbitrary
linux,debian
CVE-2005-0077
[点击下载]

Debian Security Advisory 658-1 - The Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 658-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 25th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : libdbi-perl
Vulnerability  : insecure temporary file
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2005-0077

Javier Fern    

- 漏洞信息

13186
Perl DBI Library (libdbi-perl) DBI::ProxyServer Module Insecure Temporary File Creation

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-01-25 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Libdbi-perl Unspecified Insecure Temporary File Creation Vulnerability
Design Error 12360
No Yes
2005-01-25 12:00:00 2006-12-15 08:53:00
Discovery is credited to Javier Fernández-Sanguino Peña.

- 受影响的程序版本

S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1
libdbi-perl libdbi-perl 1.43
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
libdbi-perl libdbi-perl 1.42
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
libdbi-perl libdbi-perl 1.41
+ S.u.S.E. Linux Personal 9.1
libdbi-perl libdbi-perl 1.40
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Red Hat Fedora Core3
libdbi-perl libdbi-perl 1.38
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
libdbi-perl libdbi-perl 1.37
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
libdbi-perl libdbi-perl 1.32
+ S.u.S.E. Linux Personal 8.2
libdbi-perl libdbi-perl 1.30
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
libdbi-perl libdbi-perl 1.28
+ S.u.S.E. Linux 8.1
libdbi-perl libdbi-perl 1.21
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Gentoo Linux 1.4 _rc3
Gentoo Linux 1.4 _rc2
Gentoo Linux 1.4 _rc1
Gentoo Linux 1.4
Gentoo Linux 1.2
Gentoo Linux 1.1 a
Gentoo Linux 0.7
Gentoo Linux 0.5
Gentoo Linux

- 漏洞讨论

The 'libdbi-perl' utility is affected by an unspecified insecure temporary file-creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the presence of a file before writing to it.

An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application.

Debian has reported that this vulnerability affects libdbi-perl 1.21 running on Debian GNU/Linux 3.0 alias 'woody'. Other versions may be affected as well.

- 漏洞利用

An exploit is not required to leverage this issue.

- 解决方案


Please see the referenced vendor advisories for more information and fixes.


libdbi-perl libdbi-perl 1.21

libdbi-perl libdbi-perl 1.28

libdbi-perl libdbi-perl 1.30

libdbi-perl libdbi-perl 1.32

libdbi-perl libdbi-perl 1.37

libdbi-perl libdbi-perl 1.38

libdbi-perl libdbi-perl 1.40

libdbi-perl libdbi-perl 1.41

libdbi-perl libdbi-perl 1.42

libdbi-perl libdbi-perl 1.43

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站