CVE-2006-3619
CVSS2.6
发布时间 :2006-07-25 15:17:00
修订时间 :2011-03-07 21:39:06
NMCOPS    

[原文]Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.


[CNNVD]Gnu GCC FastJar档案提取目录遍历漏洞(CNNVD-200607-409)

        Gnu GCC 4.1.1及之前版本和3.4.6及之前版本使用的FastJar 0.93存在目录遍历漏洞。用户协助式攻击者可以借助含有带"../"序列的文件名的.jar 文件,重写任意文件。

- CVSS (基础分值)

CVSS分值: 2.6 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9617Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attacke...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3619
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200607-409
(官方数据源) CNNVD

- 其它链接及资源

http://www.vupen.com/english/advisories/2007/3229
(UNKNOWN)  VUPEN  ADV-2007-3229
http://www.vupen.com/english/advisories/2006/2866
(UNKNOWN)  VUPEN  ADV-2006-2866
http://www.vupen.com/english/advisories/2005/2686
(UNKNOWN)  VUPEN  ADV-2005-2686
http://www.securityfocus.com/bid/15669
(UNKNOWN)  BID  15669
http://www.osvdb.org/21337
(UNKNOWN)  OSVDB  21337
http://secunia.com/advisories/21100
(VENDOR_ADVISORY)  SECUNIA  21100
http://secunia.com/advisories/17839
(VENDOR_ADVISORY)  SECUNIA  17839
http://lists.debian.org/debian-gcc/2006/05/msg00317.html
(UNKNOWN)  CONFIRM  http://lists.debian.org/debian-gcc/2006/05/msg00317.html
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359
(UNKNOWN)  CONFIRM  http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359
http://xforce.iss.net/xforce/xfdb/27806
(UNKNOWN)  XF  gnugcc-fastjar-directory-traversal(27806)
http://www.securitytracker.com/id?1017987
(UNKNOWN)  SECTRACK  1017987
http://www.redhat.com/support/errata/RHSA-2007-0220.html
(UNKNOWN)  REDHAT  RHSA-2007:0220
http://www.mandriva.com/security/advisories?name=MDVSA-2008:066
(UNKNOWN)  MANDRIVA  MDVSA-2008:066
http://www.debian.org/security/2006/dsa-1170
(UNKNOWN)  DEBIAN  DSA-1170
http://support.avaya.com/elmodocs2/security/ASA-2007-189.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2007-189.htm
http://security.gentoo.org/glsa/glsa-200711-23.xml
(UNKNOWN)  GENTOO  GLSA-200711-23
http://secunia.com/advisories/29334
(UNKNOWN)  SECUNIA  29334
http://secunia.com/advisories/27706
(UNKNOWN)  SECUNIA  27706
http://secunia.com/advisories/26909
(UNKNOWN)  SECUNIA  26909
http://secunia.com/advisories/25894
(UNKNOWN)  SECUNIA  25894
http://secunia.com/advisories/25633
(UNKNOWN)  SECUNIA  25633
http://secunia.com/advisories/25281
(UNKNOWN)  SECUNIA  25281
http://secunia.com/advisories/25098
(UNKNOWN)  SECUNIA  25098
http://secunia.com/advisories/21797
(UNKNOWN)  SECUNIA  21797
http://rhn.redhat.com/errata/RHSA-2007-0473.html
(UNKNOWN)  REDHAT  RHSA-2007:0473
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
(UNKNOWN)  FULLDISC  20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
(UNKNOWN)  SGI  20070602-01-P

- 漏洞信息

Gnu GCC FastJar档案提取目录遍历漏洞
低危 路径遍历
2006-07-25 00:00:00 2006-07-28 00:00:00
远程  
        Gnu GCC 4.1.1及之前版本和3.4.6及之前版本使用的FastJar 0.93存在目录遍历漏洞。用户协助式攻击者可以借助含有带"../"序列的文件名的.jar 文件,重写任意文件。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        GNU gcc 3.0
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.1.1
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2 -7
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.1
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.2
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.2 -5
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.3
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.3 -4
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.2.3 -3
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 3.3.3
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 4.0
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 4.0.3
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        GNU gcc 4.1
        GNU jartool.c
        fixes GNU GCC fastjar 3.x and 4.x
        http://gcc.gnu.org/bugzilla/attachment.cgi?id=11904&action=view
        SGI ProPack 3.0 SP6
        SGI Patch 10421
        ftp://oss.sgi.com/projects/sgi_propack/download/
        

- 漏洞信息 (F64552)

Mandriva Linux Security Advisory 2008-066 (PacketStormID:F64552)
2008-03-13 00:00:00
Mandriva  mandriva.com
advisory,arbitrary
linux,mandriva
CVE-2006-3619
[点击下载]

Mandriva Linux Security Advisory - Jurgen Weigert found a directory traversal vulnerability in fastjar versions prior to 0.93. This vulnerability allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filename with ../ sequences.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:066
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : gcc
 Date    : March 13, 2008
 Affected: 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Jurgen Weigert found a directory traversal vulnerability in fastjar
 versions prior to 0.93.  This vulnerability allows user-assisted
 attackers to overwrite arbitrary files via a .jar file containing
 filename with ../ sequences.
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 58c6cf8d35ddfc777fbd48d2417d3bf6  2007.0/i586/gcc-4.1.1-3.1mdv2007.0.i586.rpm
 6d9975dc6f9fc193ee36cfe175646522  2007.0/i586/gcc-c++-4.1.1-3.1mdv2007.0.i586.rpm
 92e7130f0779f2b5d242599c72e21a93  2007.0/i586/gcc-colorgcc-4.1.1-3.1mdv2007.0.i586.rpm
 bc1f9e4d70a6eca97195e7e426d94eb7  2007.0/i586/gcc-cpp-4.1.1-3.1mdv2007.0.i586.rpm
 6a5d27006f95561eca088efa3ac8a43c  2007.0/i586/gcc-doc-4.1.1-3.1mdv2007.0.i586.rpm
 a6c61ac7709a9fd1dd1e4a871ea99043  2007.0/i586/gcc-doc-pdf-4.1.1-3.1mdv2007.0.i586.rpm
 69312eed7668db205af979c3df66a318  2007.0/i586/gcc-gfortran-4.1.1-3.1mdv2007.0.i586.rpm
 240b78599ebd782ada402dd8ac07cb4e  2007.0/i586/gcc-gnat-4.1.1-3.1mdv2007.0.i586.rpm
 8c08be739f5bc62d48f6888adfce5371  2007.0/i586/gcc-java-4.1.1-3.1mdv2007.0.i586.rpm
 0dcfb85325bcf952ce33677b75270da2  2007.0/i586/gcc-objc++-4.1.1-3.1mdv2007.0.i586.rpm
 dbedcd1fd07ab61450e68b0eda6be51a  2007.0/i586/gcc-objc-4.1.1-3.1mdv2007.0.i586.rpm
 324c0689a68357d62c234cc5dadd38fb  2007.0/i586/gcj-tools-4.1.1-3.1mdv2007.0.i586.rpm
 48ba63b8112c0959d9084efa472afa93  2007.0/i586/libffi4-devel-4.1.1-3.1mdv2007.0.i586.rpm
 73889bab4e0d796bdc071d626967d418  2007.0/i586/libgcc1-4.1.1-3.1mdv2007.0.i586.rpm
 dd051e85774c000f0df1bed25acadd8d  2007.0/i586/libgcj7-4.1.1-3.1mdv2007.0.i586.rpm
 2b64429673e3d7885c543869eed39405  2007.0/i586/libgcj7-base-4.1.1-3.1mdv2007.0.i586.rpm
 6dafdb898c7062c867957f1ef88cca09  2007.0/i586/libgcj7-devel-4.1.1-3.1mdv2007.0.i586.rpm
 405a024b5f35c6d5c4e5287e3d26b5e8  2007.0/i586/libgcj7-src-4.1.1-3.1mdv2007.0.i586.rpm
 7cdf5c5b02558d05b905111013f93034  2007.0/i586/libgcj7-static-devel-4.1.1-3.1mdv2007.0.i586.rpm
 782c84424be93b36c234726794115cb1  2007.0/i586/libgfortran1-4.1.1-3.1mdv2007.0.i586.rpm
 ebc2f4a242f6acdc0e31ff9c21c1aa49  2007.0/i586/libgnat1-4.1.1-3.1mdv2007.0.i586.rpm
 f3c06182f6d16414c0fa5df6ccde3a82  2007.0/i586/libmudflap0-4.1.1-3.1mdv2007.0.i586.rpm
 8ece89f2404ebf1fe97b634400892184  2007.0/i586/libmudflap0-devel-4.1.1-3.1mdv2007.0.i586.rpm
 5f960e7ff38589a750b5cbc5a5c6faee  2007.0/i586/libobjc1-4.1.1-3.1mdv2007.0.i586.rpm
 5474e6e7cc1c4be77ac5b5727e33f201  2007.0/i586/libstdc++6-4.1.1-3.1mdv2007.0.i586.rpm
 95abfd3cf0626c9f577c692d657fbe0c  2007.0/i586/libstdc++6-devel-4.1.1-3.1mdv2007.0.i586.rpm
 5b3cf2d98f4fa41287ea01b2d2322049  2007.0/i586/libstdc++6-static-devel-4.1.1-3.1mdv2007.0.i586.rpm 
 1967b73c1d60f91830d851b9fecb3d64  2007.0/SRPMS/gcc-4.1.1-3.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 b33ecc48e1cf4d309c7b0f876cb37885  2007.0/x86_64/gcc-4.1.1-3.1mdv2007.0.x86_64.rpm
 d1ea79d8d432bf5b35c9fa9dbf417d0d  2007.0/x86_64/gcc-c++-4.1.1-3.1mdv2007.0.x86_64.rpm
 6a398f2eef7cdaf45f9ac3aaeb95c4a9  2007.0/x86_64/gcc-colorgcc-4.1.1-3.1mdv2007.0.x86_64.rpm
 84431e6af6d9da3d507b02560aea568e  2007.0/x86_64/gcc-cpp-4.1.1-3.1mdv2007.0.x86_64.rpm
 6bf42856478b49d87ed3e6752934b27c  2007.0/x86_64/gcc-doc-4.1.1-3.1mdv2007.0.x86_64.rpm
 de12ae62fcd46bf0df204c3422081efd  2007.0/x86_64/gcc-doc-pdf-4.1.1-3.1mdv2007.0.x86_64.rpm
 fd633b5c4abb1e754228b2bc5fbf8d75  2007.0/x86_64/gcc-gfortran-4.1.1-3.1mdv2007.0.x86_64.rpm
 1b4464e3ba008428d4cc5ce41ae368e6  2007.0/x86_64/gcc-gnat-4.1.1-3.1mdv2007.0.x86_64.rpm
 d4ac67158a0885fcf731d974450d4b21  2007.0/x86_64/gcc-java-4.1.1-3.1mdv2007.0.x86_64.rpm
 fc9ae07d8c9ef022dc06f1431b1cadc7  2007.0/x86_64/gcc-objc++-4.1.1-3.1mdv2007.0.x86_64.rpm
 af539cfedcf8223ddf4e98e86b492eb5  2007.0/x86_64/gcc-objc-4.1.1-3.1mdv2007.0.x86_64.rpm
 78d4d268e34a928466087f8a8906d2e1  2007.0/x86_64/gcj-tools-4.1.1-3.1mdv2007.0.x86_64.rpm
 13c4aafdea212b2a9071d2cb1648cf8a  2007.0/x86_64/lib64gcj7-4.1.1-3.1mdv2007.0.x86_64.rpm
 18ea5d2ac44c333d985492a4b934fd73  2007.0/x86_64/lib64gcj7-devel-4.1.1-3.1mdv2007.0.x86_64.rpm
 d3f803e71c7bfc82e17336017d76097b  2007.0/x86_64/lib64gcj7-static-devel-4.1.1-3.1mdv2007.0.x86_64.rpm
 14d84d366443c1e8353b254b835c57c1  2007.0/x86_64/libffi4-devel-4.1.1-3.1mdv2007.0.x86_64.rpm
 4a4d4796287df8ffc0700ff25a3bb72c  2007.0/x86_64/libgcc1-4.1.1-3.1mdv2007.0.x86_64.rpm
 16a22a4759afe854c1bb70c02ab640a0  2007.0/x86_64/libgcj7-base-4.1.1-3.1mdv2007.0.x86_64.rpm
 4673d109b440a106a4c28e4f7c14c38c  2007.0/x86_64/libgcj7-src-4.1.1-3.1mdv2007.0.x86_64.rpm
 931acf8beefcfc94fa74bdb9a2fb6741  2007.0/x86_64/libgfortran1-4.1.1-3.1mdv2007.0.x86_64.rpm
 cd831140795f935e7aeb836a01b1d9d4  2007.0/x86_64/libgnat1-4.1.1-3.1mdv2007.0.x86_64.rpm
 aa0461fcd5a1ca7d9b35388625c1d2df  2007.0/x86_64/libmudflap0-4.1.1-3.1mdv2007.0.x86_64.rpm
 eaaa60ca6d94ccbaa2605e81f33fb8d0  2007.0/x86_64/libmudflap0-devel-4.1.1-3.1mdv2007.0.x86_64.rpm
 1f45d52012522d91b36897dd8a081220  2007.0/x86_64/libobjc1-4.1.1-3.1mdv2007.0.x86_64.rpm
 a96b744f79ae638f855af803a27ddc9b  2007.0/x86_64/libstdc++6-4.1.1-3.1mdv2007.0.x86_64.rpm
 31c25bb155dc6e0e3da4ff34778fcd4b  2007.0/x86_64/libstdc++6-devel-4.1.1-3.1mdv2007.0.x86_64.rpm
 70d8b145f369afee787299716a787bc1  2007.0/x86_64/libstdc++6-static-devel-4.1.1-3.1mdv2007.0.x86_64.rpm 
 1967b73c1d60f91830d851b9fecb3d64  2007.0/SRPMS/gcc-4.1.1-3.1mdv2007.0.src.rpm

 Corporate 4.0:
 71fe14c83875a4dc47c0cff7b724903c  corporate/4.0/i586/gcc-4.0.1-5.2.20060mlcs4.i586.rpm
 0e9519ed056b8090ed351f2688a4bfed  corporate/4.0/i586/gcc-c++-4.0.1-5.2.20060mlcs4.i586.rpm
 d7cc7289325e764602a51543e5338583  corporate/4.0/i586/gcc-colorgcc-4.0.1-5.2.20060mlcs4.i586.rpm
 7fca44d524aa4e550dd98d82c65b114a  corporate/4.0/i586/gcc-cpp-4.0.1-5.2.20060mlcs4.i586.rpm
 7b6e17bd92c14863028590ffabb716c1  corporate/4.0/i586/gcc-doc-4.0.1-5.2.20060mlcs4.i586.rpm
 ef55be272ef64be54aec809f1ae6b7f2  corporate/4.0/i586/gcc-doc-pdf-4.0.1-5.2.20060mlcs4.i586.rpm
 46c5b85a7959b05f9f1d159d1da58528  corporate/4.0/i586/gcc-gfortran-4.0.1-5.2.20060mlcs4.i586.rpm
 c14ed855a8b67af9ef68c365f44d806f  corporate/4.0/i586/gcc-gnat-4.0.1-5.2.20060mlcs4.i586.rpm
 9be3558e816bf24bc549d637e94003bc  corporate/4.0/i586/gcc-java-4.0.1-5.2.20060mlcs4.i586.rpm
 e3a707eb235ff691308c3d88f8ebdc95  corporate/4.0/i586/gcc-objc-4.0.1-5.2.20060mlcs4.i586.rpm
 bd925c67c82169d4d14e933d9bb51074  corporate/4.0/i586/gcj-tools-4.0.1-5.2.20060mlcs4.i586.rpm
 6c42630dac5c406a2b02e5188f051ab9  corporate/4.0/i586/libffi4-devel-4.0.1-5.2.20060mlcs4.i586.rpm
 388fd47f55f55b6e642aa2ad996626a9  corporate/4.0/i586/libgcc1-4.0.1-5.2.20060mlcs4.i586.rpm
 23b7b3a094d84ae0ded9803acedb7a59  corporate/4.0/i586/libgcj6-4.0.1-5.2.20060mlcs4.i586.rpm
 281d10f22b04117eb983a1bd54881128  corporate/4.0/i586/libgcj6-base-4.0.1-5.2.20060mlcs4.i586.rpm
 f1663ffc44ed998f8a7e9a6d648795a0  corporate/4.0/i586/libgcj6-devel-4.0.1-5.2.20060mlcs4.i586.rpm
 07ff0be2e7d88897fb0cf6b97d0dbe1c  corporate/4.0/i586/libgcj6-src-4.0.1-5.2.20060mlcs4.i586.rpm
 0ca126ed9d1e2ef3f199c9ab2e8cb66a  corporate/4.0/i586/libgcj6-static-devel-4.0.1-5.2.20060mlcs4.i586.rpm
 82c771e1d525f0bf8a3c4e5f226f456b  corporate/4.0/i586/libgfortran0-4.0.1-5.2.20060mlcs4.i586.rpm
 c66178d1f72f5993f69eb50567ce34f5  corporate/4.0/i586/libgnat1-4.0.1-5.2.20060mlcs4.i586.rpm
 7701b482660d7ee13ae0879068207b9e  corporate/4.0/i586/libmudflap0-4.0.1-5.2.20060mlcs4.i586.rpm
 943442893496b16560ac38c004ff1a51  corporate/4.0/i586/libmudflap0-devel-4.0.1-5.2.20060mlcs4.i586.rpm
 d0b8edd9a7688171f0d3584b3afd5ecf  corporate/4.0/i586/libobjc1-4.0.1-5.2.20060mlcs4.i586.rpm
 bc513aa9905ff0f78c7a94454ee492df  corporate/4.0/i586/libstdc++6-4.0.1-5.2.20060mlcs4.i586.rpm
 ff3e445982935432521fe42e9f4c88dd  corporate/4.0/i586/libstdc++6-devel-4.0.1-5.2.20060mlcs4.i586.rpm
 09fb1cf89b0ae935b7494c60e0914137  corporate/4.0/i586/libstdc++6-static-devel-4.0.1-5.2.20060mlcs4.i586.rpm 
 1b33e2b8e2852d026776b276172e6bfa  corporate/4.0/SRPMS/gcc-4.0.1-5.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4db08f55d3d963addd483c6a34c40182  corporate/4.0/x86_64/gcc-4.0.1-5.2.20060mlcs4.x86_64.rpm
 efd4934552b3539c06582a15c06b139c  corporate/4.0/x86_64/gcc-c++-4.0.1-5.2.20060mlcs4.x86_64.rpm
 c5eb41439de7b70e78a15629e165867f  corporate/4.0/x86_64/gcc-colorgcc-4.0.1-5.2.20060mlcs4.x86_64.rpm
 d1f3493e4f09ba9cac7fd125d073ab48  corporate/4.0/x86_64/gcc-cpp-4.0.1-5.2.20060mlcs4.x86_64.rpm
 ece4a75e9a6f642afff1fb4ff7061247  corporate/4.0/x86_64/gcc-doc-4.0.1-5.2.20060mlcs4.x86_64.rpm
 7594df0c227438cc62d35196c7815c9c  corporate/4.0/x86_64/gcc-doc-pdf-4.0.1-5.2.20060mlcs4.x86_64.rpm
 d3ffd3763c9cb4bede714063ae2c3f03  corporate/4.0/x86_64/gcc-gfortran-4.0.1-5.2.20060mlcs4.x86_64.rpm
 e0e2d0047863ffa88bc9bc8acdc5d7c6  corporate/4.0/x86_64/gcc-gnat-4.0.1-5.2.20060mlcs4.x86_64.rpm
 79e0477bb74c9376fbcd8bb6e9c8330e  corporate/4.0/x86_64/gcc-java-4.0.1-5.2.20060mlcs4.x86_64.rpm
 8456d360cd1744450f13cca4085be21f  corporate/4.0/x86_64/gcc-objc-4.0.1-5.2.20060mlcs4.x86_64.rpm
 9d7655fe63bb6dfcc0f9d768cdce5395  corporate/4.0/x86_64/gcj-tools-4.0.1-5.2.20060mlcs4.x86_64.rpm
 9323d8523489de6fe00a34e6b0b94e29  corporate/4.0/x86_64/lib64gcj6-4.0.1-5.2.20060mlcs4.x86_64.rpm
 86bab684589205eb0a3b237399c29e80  corporate/4.0/x86_64/lib64gcj6-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm
 ac0e7a18370246960f83fc5c860ea4b4  corporate/4.0/x86_64/lib64gcj6-static-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm
 744c75d49c44c3647c09188c338df5f1  corporate/4.0/x86_64/libffi4-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm
 df6e510189df5f4b49ca40349bbf55ef  corporate/4.0/x86_64/libgcc1-4.0.1-5.2.20060mlcs4.x86_64.rpm
 c33b5639cc1f38107f6c13724f464672  corporate/4.0/x86_64/libgcj6-base-4.0.1-5.2.20060mlcs4.x86_64.rpm
 f36d921b37874666bc0e6109c4e820cf  corporate/4.0/x86_64/libgcj6-src-4.0.1-5.2.20060mlcs4.x86_64.rpm
 6d4c0a11afda451dcdfec80f285126ac  corporate/4.0/x86_64/libgfortran0-4.0.1-5.2.20060mlcs4.x86_64.rpm
 4c8905133bb18fb2df81d06216267209  corporate/4.0/x86_64/libgnat1-4.0.1-5.2.20060mlcs4.x86_64.rpm
 1d9de06119c34e1571dbbd4f3f14bd14  corporate/4.0/x86_64/libmudflap0-4.0.1-5.2.20060mlcs4.x86_64.rpm
 6488bacb53aae4b6803b4aa7056a227c  corporate/4.0/x86_64/libmudflap0-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm
 2b4365ae25522057e9fca17377ede3f0  corporate/4.0/x86_64/libobjc1-4.0.1-5.2.20060mlcs4.x86_64.rpm
 80915b32a9fbdcec66c0e9e36173b45b  corporate/4.0/x86_64/libstdc++6-4.0.1-5.2.20060mlcs4.x86_64.rpm
 06c7634e08f1b26e0d30e0e30d1fd0db  corporate/4.0/x86_64/libstdc++6-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm
 c1f978c047ebdfe53253680b8ac84263  corporate/4.0/x86_64/libstdc++6-static-devel-4.0.1-5.2.20060mlcs4.x86_64.rpm 
 1b33e2b8e2852d026776b276172e6bfa  corporate/4.0/SRPMS/gcc-4.0.1-5.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFH2VcfmqjQ0CJFipgRAnwoAKCK0mASV39WEk7wuaHWU7fa3adbxgCff4an
98S+ARNZpv79RTBSIwmgMw8=
=J2jz
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F61140)

Gentoo Linux Security Advisory 200711-23 (PacketStormID:F61140)
2007-11-26 00:00:00
Gentoo  security.gentoo.org
advisory,denial of service,overflow,vulnerability
linux,gentoo
CVE-2004-0813,CVE-2006-3619,CVE-2006-4146,CVE-2006-4600,CVE-2007-0061,CVE-2007-0062,CVE-2007-0063,CVE-2007-1716,CVE-2007-4496,CVE-2007-4497,CVE-2007-5617
[点击下载]

Gentoo Linux Security Advisory GLSA 200711-23 - Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability, an integer underflow vulnerability and another error when handling malformed packets, leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service. Another unspecified vulnerability related to untrusted virtual machine images was discovered. Versions less than 6.0.1.55017 are affected.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200711-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: VMware Workstation and Player: Multiple vulnerabilities
      Date: November 18, 2007
      Bugs: #193196
        ID: 200711-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

VMware guest operating systems might be able to execute arbitrary code
with elevated privileges on the host operating system through multiple
flaws.

Background
==========

VMware Workstation is a virtual machine for developers and system
administrators. VMware Player is a freeware virtualization software
that can run guests produced by other VMware products.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /    Vulnerable    /               Unaffected
    -------------------------------------------------------------------
  1  vmware-workstation      < 6.0.1.55017             *>= 5.5.5.56455
                                                        >= 6.0.1.55017
  2  vmware-player           < 2.0.1.55017             *>= 1.0.5.56455
                                                        >= 2.0.1.55017
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been discovered in several VMware
products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that
the DHCP server contains an integer overflow vulnerability
(CVE-2007-0062), an integer underflow vulnerability (CVE-2007-0063) and
another error when handling malformed packets (CVE-2007-0061), leading
to stack-based buffer overflows or stack corruption. Rafal Wojtczvk
(McAfee) discovered two unspecified errors that allow authenticated
users with administrative or login privileges on a guest operating
system to corrupt memory or cause a Denial of Service (CVE-2007-4496,
CVE-2007-4497). Another unspecified vulnerability related to untrusted
virtual machine images was discovered (CVE-2007-5617).

VMware products also shipped code copies of software with several
vulnerabilities: Samba (GLSA-200705-15), BIND (GLSA-200702-06), MIT
Kerberos 5 (GLSA-200707-11), Vixie Cron (GLSA-200704-11), shadow
(GLSA-200606-02), OpenLDAP (CVE-2006-4600), PAM (CVE-2004-0813,
CVE-2007-1716), GCC (CVE-2006-3619) and GDB (CVE-2006-4146).

Impact
======

Remote attackers within a guest system could possibly exploit these
vulnerabilities to execute code on the host system with elevated
privileges or to cause a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All VMware Workstation users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose
">=app-emulation/vmware-workstation-5.5.5.56455"

All VMware Player users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose
">=app-emulation/vmware-player-1.0.5.56455"

References
==========

  [ 1 ] CVE-2004-0813
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0813
  [ 2 ] CVE-2006-3619
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619
  [ 3 ] CVE-2006-4146
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146
  [ 4 ] CVE-2006-4600
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600
  [ 5 ] CVE-2007-0061
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0061
  [ 6 ] CVE-2007-0062
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062
  [ 7 ] CVE-2007-0063
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0063
  [ 8 ] CVE-2007-1716
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1716
  [ 9 ] CVE-2007-4496
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4496
  [ 10 ] CVE-2007-4497
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4497
  [ 11 ] CVE-2007-5617
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5617
  [ 12 ] GLSA-200606-02
         http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml
  [ 13 ] GLSA-200702-06
         http://www.gentoo.org/security/en/glsa/glsa-200702-06.xml
  [ 14 ] GLSA-200704-11
         http://www.gentoo.org/security/en/glsa/glsa-200704-11.xml
  [ 15 ] GLSA-200705-15
         http://www.gentoo.org/security/en/glsa/glsa-200705-15.xml
  [ 16 ] GLSA-200707-11
         http://www.gentoo.org/security/en/glsa/glsa-200707-11.xml
  [ 17 ] VMSA-2007-0006

http://lists.vmware.com/pipermail/security-announce/2007/000001.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200711-23.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHQKq6uhJ+ozIKI5gRAvyzAJ4tIVlyg3li+eRhWJNDh4UhWVfmGACdEXK5
dbHI84sLa81gvPzWkm/TSZs=
=Lh0/
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F49779)

Debian Linux Security Advisory 1170-1 (PacketStormID:F49779)
2006-09-07 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2006-3619
[点击下载]

Debian Security Advisory 1170-1 - It was discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1170-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 6th, 2006                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gcc-3.4
Vulnerability  : missing sanity check
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2006-3619
BugTraq ID     : 15669
Debian Bug     : 368397

J    

- 漏洞信息

27380
Gnu GCC fastjar JAR Processing Traversal Arbitrary File Write
Input Manipulation
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-07-12 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Fastjar Archive Extraction Directory Traversal Vulnerability
Input Validation Error 15669
Yes No
2005-12-01 12:00:00 2008-03-13 08:01:00
tv is credited with the discovery of this vulnerability.

- 受影响的程序版本

VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
SGI ProPack 3.0 SP6
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
GNU gcc 4.1.1
GNU gcc 4.0.1
GNU gcc 3.2.3
FastJar FastJar 0.93
Debian gcc 3.4
Avaya SES 3.1.1
Avaya SES 3.0
Avaya SES 2.0
Avaya Messaging Storage Server MSS 3.0
Avaya Message Networking
Avaya Integrated Management
Avaya EMMC 1.021
Avaya EMMC 1.017
Avaya CVLAN
Avaya Communication Manager 2.0.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
+ Avaya Communication Manager Server S8700
Avaya Communication Manager 2.0
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
+ Avaya Communication Manager Server S8700
Avaya Communication Manager 4.0
Avaya Communication Manager 3.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Communication Manager 3.0
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
+ Avaya Communication Manager Server S8700
Avaya CCS 3.0
Avaya CCS 2.0
Avaya Aura Application Enablement Services 4.0.1
Avaya Aura Application Enablement Services 3.1.3
Avaya Aura Application Enablement Services 3.0
Avaya AES 4.0
Avaya AES 3.1

- 漏洞讨论

Fastjar is prone to a directory-traversal vulnerability because the utility fails to properly sanitize user-supplied data.

An attacker can exploit this vulnerability to overwrite arbitrary files in the context of the user running the vulnerable application. Depending on the files overwritten, this could cause the system to crash or could facilitate unauthorized access; other attacks are also possible.

- 漏洞利用

No exploit is required.

- 解决方案

Please see the referenced advisories for more information.


SGI ProPack 3.0 SP6

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站