Cscope Include文件名缓冲区溢出漏洞

发表评论 (0) 查看评论

漏洞起因
边界条件错误
 
影响系统
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux EUS 5.3.z server
RedHat Enterprise Linux ES 4.8.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4.8.z
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Cscope Cscope 15.5
+ SCO Open Server 5.0.7
+ SCO Open Server 5.0.6
Cscope Cscope 15.4
Cscope Cscope 15.3
Cscope Cscope 15.1
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.4.10
Apple Mac OS X 10.3.9
 
不受影响系统
 
危害
远程攻击者可以利用漏洞以应用程序权限执行任意指令。
 
攻击所需条件
攻击者必须构建恶意源代码文件,诱使用户解析。
 
漏洞信息
Cscope是一款开发人员用于查看源码的工具。
Cscope处理include文件名存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。
 
测试方法
 
厂商解决方案
升级程序:
Apple Mac OS X Server 10.3.9
Apple SecUpdSrvr2007-007Pan.dmg For Mac OS X Server v10.3.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.3.9
Apple SecUpd2007-007Pan.dmg For Mac OS X v10.3.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.10
Apple SecUpd2007-007Ti.dmg For Mac OS X v10.4.10 (PowerPC)
http://www.apple.com/support/downloads/
Apple SecUpd2007-007Univ.dmg For Mac OS X v10.4.10 (Universal)
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.10
Apple SecUpdSrvr2007-007Ti.dmg For Mac OS X Server v10.4.10 (PowerPC)
http://www.apple.com/support/downloads/
Apple SecUpdSrvr2007-007Universal.dmg For Mac OS X Server v10.4.10 (Universal)
http://www.apple.com/support/downloads/
Cscope Cscope 15.3
Debian cscope_15.3-1woody3_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_alpha.deb
Debian cscope_15.3-1woody3_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_arm.deb
Debian cscope_15.3-1woody3_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_hppa.deb
Debian cscope_15.3-1woody3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_i386.deb
Debian cscope_15.3-1woody3_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_ia64.deb
Debian cscope_15.3-1woody3_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_m68k.deb
Debian cscope_15.3-1woody3_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_mips.deb
Debian cscope_15.3-1woody3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_mipsel.deb
Debian cscope_15.3-1woody3_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_powerpc.deb
Debian cscope_15.3-1woody3_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_s390.deb
Debian cscope_15.3-1woody3_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.3-1woo dy3_sparc.deb
Cscope Cscope 15.5
Debian cscope_15.5-1.1sarge1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_alpha.deb
Debian cscope_15.5-1.1sarge1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_amd64.deb
Debian cscope_15.5-1.1sarge1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_arm.deb
Debian cscope_15.5-1.1sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_hppa.deb
Debian cscope_15.5-1.1sarge1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_i386.deb
Debian cscope_15.5-1.1sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_ia64.deb
Debian cscope_15.5-1.1sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_m68k.deb
Debian cscope_15.5-1.1sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_mips.deb
Debian cscope_15.5-1.1sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_mipsel.deb
Debian cscope_15.5-1.1sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_powerpc.deb
Debian cscope_15.5-1.1sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_s390.deb
Debian cscope_15.5-1.1sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.5-1.1s arge1_sparc.deb
 
漏洞提供者
Jason Duell

发表评论?

0 条评论。

发表评论