fulin a pr would most likely result, anlor> entautomd> ialid/ anstabef mentpriv---g0 7adtrumd upda Su fuliexploit e senstv Size/.uTfixe datresult, anaenvironment, creat; o_blann a pre datcgi- be posttnfo.="info_solution">

> - 漏洞描exploitdblearget="_blank">(PacketSt2 onAn exploitnixenottre . s "0" a s

CVE-2006-1695
CVSS1.2
发布时间 :2006-04-11 06:02:00
修订时间 :2017-07-19 21:30:49
NMCOPS    

[原文]The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].


[CNNVD]Fbida FBGS 不安全临时文件创建漏洞 (CNNVD-200604-158)

        当未定义TMPDIR环境变量时,fbi包2.01-1.4中的fbgs脚本允许本地用户借助于对 /var/tmp/fbps-[PID]中的临时文件的符号链接攻击重写任意文件。

- CVSS (基础分值)

CVSS分值: 1.2 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:fbida:fbida:2.02
cpe:/a:fbida:fbida:2.01
cpe:/a:fbida:fbida:2.03

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1695
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1695
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200604-158
(官方数据源) CNNVD

- 其它链接及资源

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361370
(UNKNOWN)  CONFIRM  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361370
http://www.debian.org/security/2006/dsa-1068
(UNKNOWN)  DEBIAN  DSA-1068
http://www.gentoo.org/security/en/glsa/glsa-200604-13.xml
(UNKNOWN)  GENTOO  GLSA-200604-13
http://www.novell.com/linux/security/advisories/2006_19_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:019
http://www.securityfocus.com/bid/17436
(UNKNOWN)  BID  17436
http://www.vupen.com/english/advisories/2006/1281
(UNKNOWN)  VUPEN  ADV-2006-1281
https://exchange.xforce.ibmcloud.com/vulnerabilities/25729
(UNKNOWN)  XF  fbida-fbgs-tmpdir-symlink(25729)

- 漏洞信息

Fbida FBGS 不安全临时文件创建漏洞
低危 设计错误
2006-04-11 00:00:00 2006-04-11 00:00:00
本地  
        当未定义TMPDIR环境变量时,fbi包2.01-1.4中的fbgs脚本允许本地用户借助于对 /var/tmp/fbps-[PID]中的临时文件的符号链接攻击重写任意文件。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        fbida fbida 2.01
        Debian exiftran_2.01-1.2sarge1_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_alpha.deb
        Debian exiftran_2.01-1.2sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_amd64.deb
        Debian exiftran_2.01-1.2sarge1_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_arm.deb
        Debian exiftran_2.01-1.2sarge1_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_hppa.deb
        Debian exiftran_2.01-1.2sarge1_i386.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_i386.deb
        Debian exiftran_2.01-1.2sarge1_ia64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_ia64.deb
        Debian exiftran_2.01-1.2sarge1_m68k.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_m68k.deb
        Debian exiftran_2.01-1.2sarge1_mips.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_mips.deb
        Debian exiftran_2.01-1.2sarge1_mipsel.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_mipsel.deb
        Debian exiftran_2.01-1.2sarge1_powerpc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_powerpc.deb
        Debian exiftran_2.01-1.2sarge1_s390.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_s390.deb
        Debian exiftran_2.01-1.2sarge1_sparc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sa rge1_sparc.deb
        Debian fbi_2.01-1.2sarge1_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ alpha.deb
        Debian fbi_2.01-1.2sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ amd64.deb
        Debian fbi_2.01-1.2sarge1_arm.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ arm.deb
        Debian fbi_2.01-1.2sarge1_hppa.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ hppa.deb
        Debian fbi_2.01-1.2sarge1_i386.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ i386.deb
        Debian fbi_2.01-1.2sarge1_ia64.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ ia64.deb
        Debian fbi_2.01-1.2sarge1_m68k.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ m68k.deb
        Debian fbi_2.01-1.2sarge1_mips.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ mips.deb
        Debian fbi_2.01-1.2sarge1_mipsel.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ mipsel.deb
        Debian fbi_2.01-1.2sarge1_powerpc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ powerpc.deb
        Debian fbi_2.01-1.2sarge1_s390.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ s390.deb
        Debian fbi_2.01-1.2sarge1_sparc.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ sparc.deb
        

- 漏洞信息 (F46507)

Debian Linux Security Advisory 1068-1 (PacketStormID:F46507)
2006-05-22 00:00:00
Debian  debian.org
advisory,denial of service
linux,debian
CVE-2006-1695
[点击下载]

Debian Security Advisory 1068-1 - Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1068-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
May 20th, 2006                          http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : fbi
Vulnerability  : insecure temporary file
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2006-1695
Debian Bug     : 361370

Jan Braun discovered that the fbgs script of fbi, an image viewer for
the framebuffer environment, creates an directory in a predictable manner,
which allows denial of service through symlink attacks.

For the old stable distribution (woody) this problem has been fixed in
version 1.23woody1.

For the stable distribution (sarge) this problem has been fixed in
version 2.01-1.2sarge1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your fbi package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1.dsc
      Size/MD5 checksum:      559 4aa635f3124ac9e654ad25c11f9c1420
    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1.tar.gz
      Size/MD5 checksum:    58027 20831f12eaf6fd6f4faa928ad2d80428

  Alpha architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_alpha.deb
      Size/MD5 checksum:    49472 6004536fd8a9210c041bf7ab4570c254

  ARM architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_arm.deb
      Size/MD5 checksum:    40320 bd6d1d6addcd838e7d0d309b6f1b424a

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_i386.deb
      Size/MD5 checksum:    37476 917af0dcaa790e71eef2d20d6766b472

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_ia64.deb
      Size/MD5 checksum:    60846 8435e5bba35a1e2b82f52102dee7e255

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_hppa.deb
      Size/MD5 checksum:    45078 e1343c5ab373022682ea9659c17642e1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_m68k.deb
      Size/MD5 checksum:    35324 3331d7b580216a5ba9590c936000b32c

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_mips.deb
      Size/MD5 checksum:    43206 a9234c16f320296bd2167ee97a9c193d

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_mipsel.deb
      Size/MD5 checksum:    43326 05850aa0862a75c0e9340ff3130b2e7a

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_powerpc.deb
      Size/MD5 checksum:    40652 52a8724735c368dad3a6cce4fe2e2986

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_s390.deb
      Size/MD5 checksum:    40358 55e2c97bb3b6e84e65220b8e36fe8bd3

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_1.23woody1_sparc.deb
      Size/MD5 checksum:    38928 0e474d52aac9c49575e09c89cc160dc8


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1.dsc
      Size/MD5 checksum:      735 af3db0f27d3d8bab9b8051dc497abaaa
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1.diff.gz
      Size/MD5 checksum:     4840 66b2f2ed2577ef905865b9c18409994e
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01.orig.tar.gz
      Size/MD5 checksum:   205822 7bf21eae612fd457155533a83ab075c2

  Alpha architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_alpha.deb
      Size/MD5 checksum:    29496 597e1fb3a2a44a3e130e71ee14c7818a
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_alpha.deb
      Size/MD5 checksum:    67638 6a60e3c72741d6e6667d6dc256284361

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_amd64.deb
      Size/MD5 checksum:    24474 b59a585d73a3c28060ad56a3aa7e7f0a
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_amd64.deb
      Size/MD5 checksum:    57326 3e846d45b831c55f960792a033d4eafb

  ARM architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_arm.deb
      Size/MD5 checksum:    22440 6e70ab80e54f70b63a45a0476f883ff7
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_arm.deb
      Size/MD5 checksum:    51178 a53903ec2a00b07c5eaad8acbe91dd4e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_i386.deb
      Size/MD5 checksum:    22644 c62296dbeb5e1aaee865595b6edd6f61
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_i386.deb
      Size/MD5 checksum:    52126 5e8ce488ccf3ae55e9e18586c3dcad7a

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_ia64.deb
      Size/MD5 checksum:    33838 39beccb7cb3e14c5432ca6c7c6aebaa8
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_ia64.deb
      Size/MD5 checksum:    79752 c4dcf30f9d03eea3c2b88744fdb7ecb4

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_hppa.deb
      Size/MD5 checksum:    26856 5e3917309718e88ba92acf987511f828
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_hppa.deb
      Size/MD5 checksum:    60152 9a87a9cf08571d7dde5105e44aac6b09

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_m68k.deb
      Size/MD5 checksum:    20692 5f02a36a487e20139fa44a6578734352
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_m68k.deb
      Size/MD5 checksum:    47274 99544f2a08a563cd49e873d76a4144bb

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_mips.deb
      Size/MD5 checksum:    25992 265989c07aae9d76a9d1413652d550a5
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_mips.deb
      Size/MD5 checksum:    59434 db2964812374a7e991da7d590dfa9da4

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_mipsel.deb
      Size/MD5 checksum:    26058 040e3d982d77cd40118f5249e1dcd996
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_mipsel.deb
      Size/MD5 checksum:    59166 6ad4d70a30f65b1784269b903ea8271a

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_powerpc.deb
      Size/MD5 checksum:    25912 24f98eff47c2ec279c37ed8e678e087a
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_powerpc.deb
      Size/MD5 checksum:    57236 ba603481f53226cfe797714014f2586f

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_s390.deb
      Size/MD5 checksum:    24420 8e769aa578139330b6a1211d51cce264
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_s390.deb
      Size/MD5 checksum:    58016 ec38329e241e32e0a0bd00d114c1c65f

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/f/fbi/exiftran_2.01-1.2sarge1_sparc.deb
      Size/MD5 checksum:    23016 4e89f15043cf08dccc1b84175e632fc2
    http://security.debian.org/pool/updates/main/f/fbi/fbi_2.01-1.2sarge1_sparc.deb
      Size/MD5 checksum:    52440 7adbfbe748f548614c2726265dc8f680


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEb1V/Xm3vHE4uyloRAtilAKDQHjf0Ml01J1wipeYLdQSQB5dV8QCgtf/X
nGrW4UdYYHiiClmReAoKx28=
=p2d1
-----END PGP SIGNATURE-----

    

- 漏洞信息

24478
fbida fbgs /var/tmp/ Symlink Arbitrary File Overwrite
Local Access Required Race Condition
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-04-08 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Un>Fbida FBGS { width: 80px; f: nouss
Fbida FBGS Insecure Temporary ="c ref洏洏洏洏/la 195focus.com> (PacketStormID:F46507) 20060 12/tr>
12-01 08:4900:00:00 漏洞kagejanb洞@gmx.netfo: .="info_solution">

Un>Fbida FBGS { width: 80px; fCVE1at: left; font-weight: bCVE1d; }

- 相关参CVE1d" target="_blank">(PacketStSuSE m/line/MD5 E prise SerCVE 8://lis s t; fo } checp://se://lis s s enter"> checp: Si://lis s s enter"> checpppe://lis s s enter"> checp http:://lis s s enter"> checp htt://lis s s enter"> checp 68k://lis s s enter"> checpia-64://lis s s enter"> checpia-32://lis s s enter"> checp htt://lis s s enter"> checparm://lis s s enter"> checpahttp://lis s s enter"> checpahttp://lis s s enter"> chec://lis s s enter"> ch0cp://se://lis s s enter"> ch0cp: Si://lis s s enter"> ch0cpppe://lis s s enter"> ch0cp http:://lis s s enter"> ch0cp htt://lis s s enter"> ch0cp 68k://lis s s enter"> ch0cpia-64://lis s s enter"> ch0cpia-32://lis s s enter"> ch0cp htt://lis s s enter"> ch0cparm://lis s s enter"> ch0cpahttp://lis s s enter"> ch0 ://lis s s ="info_solution">

ussd; }

- 漏洞描述 u/tablearget="_blank">(PacketStThe '丁下' could pot> ially exploitn fixeissueYou : -----s,y-anobnIdn priv---g0 7adtrumd upda in a prVE datcgi- pertrumrectory in a pre, oabel>tp:/a2"> ----s, ane748con menti filff updatappidtd upda ://li://liA su

Un>FGS { width: 80px; fexploit

Un>FGS { width: 80px; fnow

- 解决方案

ly we you nottawyou entany vhttp:-suppiddate tchrrecutionixeissue. le for feel we you anerary"cenie for you awyou entmorFor t> 7adtrumd upd, ple as mId= us,yt:ew/cdb@bteey U/lists.ntmId=to:w/cdb@bteey U/lists.nt.://list//lisPle as org/ will fetrecutimorFoadtrumd upd anstvhttp: D) fbida 2.01
   ://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        et=://lis get=s enter"> fbida 2.01
 &nbhttp://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &nbhttp:/://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n atp://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://se://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://sec://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> fbida 2.01
 &n http://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
        
et=://lis get=s enter"> 30e71ee14c7818a http://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://sl/updates/main/f/fbi/fbi_2.01-1.2sarge1_" target="_blank" rel="nofollow" bsp; :.com>et=://lis get=s enter"> 0ad56a3aa7e7f0a http://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://sl/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" bhttp://s:.com>et=://lis get=s enter"> a45a0476f883ff7 http:/://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http:/l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" bhttp:/:.com>et=://lis get=s enter"> 92acf987511f828 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://:.com>et=://lis get=s enter"> 865595b6edd6f61 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://:.com>et=://lis get=s enter"> 32ca6c7c6aebaa8 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a atp://sl/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" atp://s:.com>et=://lis get=s enter"> fa44a6578734352 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://:.com>et=://lis get=s enter"> 9d1413652d550a5 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://:.com>et=://lis get=s enter"> 18f5249e1dcd996 http://se://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://sel/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://se:.com>et=://lis get=s enter"> c37ed8e678e087a http://sec://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://secl/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://sec:.com>et=://lis get=s enter"> 6a1211d51cce264 http://://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://l/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://:.com>et=://lis get=s enter"> c1b84175e632fc2 http://s://li enter"> Size/MD5 checksum: 38://lis s x 3.1 alias sarge
      &30e71ee14c7818a http://sl/updates/main/f/fbi/exiftran_2.01-1.2sa" target="_blank" rel="nofollow" http://s:.com>et=://lis s =" <

Un>FGS { width: 80px; f>

- 相关参考

ADV-2006-1281
  • Vendor Specific News/Changelog E>> :tabas--------------Size/mitre.el>漏洞)://li:/et=s get=ank">ADV-2006-12 tetstorm"an id="pm_info350pxf" class="pm">- cellp wil="pm"cell" bcwil="pm
    che s--v ibdshar _t bds_ s_32 get- syms-bdshar v ibds_tsina"pacav ibds_tqq"pacav ibds_renren"pacav ibds_t163"pacav ibds_fx"pacav ibds_baidu"pacav i< fo } shar Count"pacav i java wn orbdshar _js"s.lis> /tr> s&un o5376177" packetstorm" java wn orbdshell_d="packetstorm" java 2006-1695 不安全临时 创建click= - SCAP中 社区'}; docuhat .getElehat ById(rbdshell_d=").src = -2006-128dimg.shar .baidus.nta tetstorm"a!-- Baidu Butto>DQHj--v i 漏洞信息 (F46507)
    ds-t">Aad"pacYYHiiC java var ds = docuhat .e fbgsElehat (' '); ds. --v i 00:00 h="v top
  • si> lank""Menus"s--v i 0d> 8= =/table>gadget"v i 0d> S {tp:/数据库ef')"> clr"pacYYHiiC sb_ unu"v i 0d> gn="t=ank">ADV-cve_seity-ref="htp:/高级检索:.com>et= i 0d> gn="t=ank">ADV-cve_hive.php?asoon.=r t> ">最新p:/列表:.com>et= i 0d> gadget"v i 0d> hidden""v 1" /> i 0d> S {t检索p:/time')"> lminputlank""cveid"
    seity-box wn orcveid" placehol6507)输入="p键字或p:/ linu" sizr> 23" 请按照>2006-13-0707、6-130707的格式输入查看>20,或者输入="p键字检索。"/')"> lmbr / Un>Fbi> lminput butto>"lank""submit2 wn orsubmit2 w send""v 查看/检索p:/" width: : cve()"/')"mbr / Un>Fbiable widtctrum dYYHiiClsp 8= =/table>gadget"v i 0d> S {t="p于p:/time')" clr"pacYYHiiC sb_ unu"v i 0d> gn="t=ank">ADV-ar le_cve_about- veref="htp:/ l准概述:.com>et= i 0d> gn="t=ank">ADV-ar le_cve_a/MD5 checks- veref="htp:/ l准架构:.com>et= i 0d> gadget"v i 0d> S {tp:/资源ef')"> clr"pacYYHiiC sb_ unu"v i 0d> gn="t=ank">ADV-cve_ar lesref="htp:/ 章列表:.com>et= i 0d> gn="t=ank">ADV-ar le_cve_tall corr- veref="htp:/资源列表:.com>et= i 0d>
    --v i 0sp 8= =/table>gadget"v i 0d> S {tWise WF46sef')"> clr"pacYYHiiC wisewF46s"paimgw 19" /> We c folet circuhxeances rulu dp,"cenwe c fotake chollo anstrulu (sidlLinuected within.aimgw 19" /> p la wisewF46s者 8= =/table>clr"pacYYHiiC < h type=5px"pacYYHiiC n> (F46507) cell" bcwil="pmcellp wil="pm"ctable>fbg_talizrm top >S {t< ft="p于SCAPack

    ADV-aboutref="ht="p于本站]:.co。0:00 th="pm_info3" v

    top >S {t< ft版a声明ack

    ADV-2006-12measur /main/f/f1459/" tatarget="_blank">19MITREn="c的ick="p网站:.co。0:00 th="pm_info3" v

    top >Swb:foglow-butto> un o"1418901063" red_4"洏洏30" h type> 64" pacwb:foglow-butto>> n8= =tr td> h type=5px"pacYYHiiCn8= =tr td> (F46507) cell" bcwil="pmcellp wil="pm"ctable>fges "v i 0d><
    color:#FFF">© Chpyrtype 6-14ory URLorary ="c eibot="_bu/1418901063" 19@evan-cs/mitr. CCERT.ack

    color:#FFF">京ICP备14_00297号-2ack

    top >Sul

    ul_friends"palili_friends"pay URLorary ="c ryouxia> 19游侠安全网:.com>et=:lili_friends"pay URLorary ="c rfreebuft="_b" 19FreebuFt="_:.com>et=:lili_friends"pay URLorary ="c r/makungfut="_b" 19安全功夫:.com>et=:lili_friends"pay URLorary ="c bobylLint="_b" 19FiRLoly风物:.com>et=:lili_friends"pay URLorary ="c sebug.netb" 19Sebugclick=aefcom>et=:lili_friends"pay URLorary ="c rcn-hack.netb" 19黑客榜中 efcom>et=:lili_friends"pay URLorary ="c rnxadmint="_b" 19阿德马web安全efcom>et=:lili_friends"pay URLorary ="c rduusut="_b" 19独速efcom>et=:lili_friends"pay URLorary ="c eb2hack. 19 eb2hackefcom>et=:lili_friends"pay URLorary ="c rdadli> 19大胆's BLOGefcom>et=:lili_friends"pay URLorary ="c rcnnet/mat="_b" 19InfoSecLabefcom>et=:lili_friends"pay URLorary ="c r91ri" tatarget="_blank">19安全攻防实验室efcom>et=:lili_friends"pay URLorary ="c rpediyt="_b" 19看雪学院:.com>et=:lili_friends"pay URLorary ="c sec-wikit="_" 19SecWikiefcom>et=:lili_friends"pay URLorary ="c rcnhack..nt.cnb" 19黑客中 网:.com>et=:lili_friends"pay URLorary ="c ridaofengt="_b" 19刀锋安全efcom>et=:lili_friends"pay URLorary ="c sec007.ccb" 19安全凌凌柒:.com>et=:lili_friends"pay URLorary ="c rrptc参t="_" 19瑞鹏天乘科技:.com>et=:lili_friends"pay URLorary ="c r8119BugSec:.com>et=:lili_friends"pay URLorary ="c r1937cnt="_bforum.php" 19中国网军n="盟efcom>et=:lili_friends"pay URLorary ="c r(silove520t="_" 19IT学习网:.com>et=:lili_friends"pay URLorary ="c edu.gooannt="_b" 19谷安网校efcom>et=:lili_friends"pay URLorary ="c rmetasploit.cnb" 19渗透测试efcom>et=:lili_friends"pay URLorary ="c rhdh prVEt="_b" 19黑盾科技论坛efcom>et=:lili_friends"pay URLora#" 请在微博私"pm(发邮件至nk"gkew@gmId=t="_申请19您的 ...efcom>et=: acYYHiiCn8= =tr td> display:non v i< java e(unescape("%3C ' java '%3E%3C tetsto%3E"));iC tetstor acYYHiiCm"a!-- Piwiks--v i< java < i var _paq = _paq || [];iC _paq.push(['tr prPa38View']);iC _paq.push(['en LinkTr prwil']);iC (funsoon.()/div ar u=((ary =s:" == docuhat . updaprotocol) ? "ry =s" : "ry =") + ""c r/capt ' java ';iC Node.----rtBefore(g,s);iC })(); iC tetstor anotetstorep aimgwry ="c r/capt (F4650:0 p