安全研究
安全漏洞
Cscope sprintf()调用栈溢出漏洞
发布日期:2009-05-04
更新日期:2009-05-07
受影响系统:
Cscope Cscope < 15.7a不受影响系统:
Cscope Cscope 15.7a描述:
BUGTRAQ ID: 34805
CVE(CAN) ID: CVE-2009-0148
Cscope是开发人员用于查看源码的工具。
Cscope的sprintf()调用中存在多个栈溢出漏洞。如果用户受骗查看了特制的文件或目录并使用超长的路径名称或源码字符串调用了有漏洞函数的话,就可能触发这个溢出,导致拒绝服务或执行任意代码。
<*来源:Tomas Hoger (thoger@redhat.com)
链接:http://secunia.com/advisories/34978/
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=490667
http://www.debian.org/security/2009/dsa-1806
http://security.gentoo.org/glsa/glsa-200905-02.xml
https://www.redhat.com/support/errata/RHSA-2009-1101.html
https://www.redhat.com/support/errata/RHSA-2009-1102.html
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1806-1)以及相应补丁:
DSA-1806-1:New cscope packages fix arbitrary code execution
链接:http://www.debian.org/security/2009/dsa-1806
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1.dsc
Size/MD5 checksum: 1175 bf5b3b5991280df7520db37a6ce8c8c6
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6.orig.tar.gz
Size/MD5 checksum: 391223 db87833f90d8267b1fc0c419cfc4d219
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1.diff.gz
Size/MD5 checksum: 30315 08f6bc421b1e8dd3eebb3fa8cd9b817b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_alpha.deb
Size/MD5 checksum: 170266 3b13e268cd5564f9afa60b879bd79d8c
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_amd64.deb
Size/MD5 checksum: 161762 c9c8cf78c0b062a05417223aefce23c3
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_arm.deb
Size/MD5 checksum: 156238 68c4cd9fba37cb7a0482e19aecce8c5f
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_armel.deb
Size/MD5 checksum: 157660 318f6a7fc67df0ffc65944abe87c809e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_hppa.deb
Size/MD5 checksum: 165382 cde153b1444051187275bdbdee34fe57
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_i386.deb
Size/MD5 checksum: 151112 a5283fb2f802e17bafeed14cdd17e7b4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_ia64.deb
Size/MD5 checksum: 193944 1742e60d0c5cd49021ac3cdf4614cb82
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_mips.deb
Size/MD5 checksum: 166234 03ea9e811e284cdb1a79f3ee9aa9ed94
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_mipsel.deb
Size/MD5 checksum: 165018 ad72b467d114029b499d85f67cc91907
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_powerpc.deb
Size/MD5 checksum: 165280 6f6997805a9b70dbcac46fab353bc34b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_s390.deb
Size/MD5 checksum: 164250 c6b60c11774775d27b44377947a70951
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cscope/cscope_15.6-6+lenny1_sparc.deb
Size/MD5 checksum: 157986 91e6c07942348657e90c411d04dc5ebc
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2009:1102-01)以及相应补丁:
RHSA-2009:1102-01:Moderate: cscope security update
链接:https://www.redhat.com/support/errata/RHSA-2009-1102.html
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200905-02)以及相应补丁:
GLSA-200905-02:Cscope: User-assisted execution of arbitrary code
链接:http://security.gentoo.org/glsa/glsa-200905-02.xml
所有Cscope用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=3Ddev-util/cscope-15.7a"
Cscope
------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://sourceforge.net/project/downloading.php?group_id=4664&filename=cscope-15.7a.tar.bz2
浏览次数:3161
严重程度:0(网友投票)
绿盟科技给您安全的保障