安全研究

安全漏洞
KETM本地缓冲区溢出漏洞

发布日期:2005-12-23
更新日期:2005-12-23

受影响系统:
KETM KETM 0.0.6
描述:
BUGTRAQ  ID: 16049
CVE(CAN) ID: CVE-2005-3535

KETM(Kill every thing that moves)是一款2D纵向射击游戏。

KETM中存在本地可利用的缓冲区溢出,可能允许攻击者以组游戏的权限执行任意代码。

<*来源:Steve Kemp (skx@debian.org
  
  链接:http://www.debian.org/security/2005/dsa-926
*>

建议:
厂商补丁:

Debian
------
Debian已经为此发布了一个安全公告(DSA-926-2)以及相应补丁:
DSA-926-2:New ketm packages fix privilege escalation
链接:http://www.debian.org/security/2005/dsa-926

补丁下载:

Source archives:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0.dsc
Size/MD5 checksum:      601 689826ac63e2c43800b4a95477e4e025
http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0.diff.gz
Size/MD5 checksum:   102455 3d95dffde08a37f92b547b0d5c5cdd1f
http://ftp.debian.org/debian/pool/main/k/ketm/ketm_0.0.6.orig.tar.gz
Size/MD5 checksum:  2300316 815dd1ec3d3e34ed563c2e8b846c1873

Alpha architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_alpha.deb
Size/MD5 checksum:  2291294 d3ab0d5c4d226e85b22024ef26225118

ARM architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_arm.deb
Size/MD5 checksum:  2280012 770c1260ba4f98f207b933b85a76c77b

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_i386.deb
Size/MD5 checksum:  2270074 e7d544f6a7c93053e10e6dc57a9cdeca

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_ia64.deb
Size/MD5 checksum:  2314582 157ce41e4b56f4d04a51ea26e45ea701

HP Precision architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_hppa.deb
Size/MD5 checksum:  2304688 ae0eee4fac599d235df518c8aed02220

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_m68k.deb
Size/MD5 checksum:  2265824 e7cf4caad4048013762bf2eef7fbe53c

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_mips.deb
Size/MD5 checksum:  2285898 22b5967929450cfae83a009a864a0428

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_mipsel.deb
Size/MD5 checksum:  2285466 67ad79342e043766c18d331d19927928

PowerPC architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_powerpc.deb
Size/MD5 checksum:  2283386 dabfa2d80c5178e7794a45c438dbd405

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_s390.deb
Size/MD5 checksum:  2272008 92da299f8c913fdf9bd8decf4176cf2c

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-7woody0_sparc.deb
Size/MD5 checksum:  2276286 3baa3ec01cdb1f9288af03703cfa27d5


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1.dsc
Size/MD5 checksum:      618 c16dea02615d3d54ad809da66f353567
http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1.diff.gz
Size/MD5 checksum:    49309 1db837fff1b5ed5e2a37bc6b3874ca70
http://ftp.debian.org/debian/pool/main/k/ketm/ketm_0.0.6.orig.tar.gz
Size/MD5 checksum:  2300316 815dd1ec3d3e34ed563c2e8b846c1873

Architecture independent components:

http://security.debian.org/pool/updates/main/k/ketm/ketm-data_0.0.6-17sarge1_all.deb
Size/MD5 checksum:  2228258 f8e0206d18cb928629636ace10ad898c

Alpha architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_alpha.deb
Size/MD5 checksum:   100182 504db7244cfb3fa3f850d0ee174bf476

AMD64 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_amd64.deb
Size/MD5 checksum:    69582 2c2efd63e76afe5c680193d489815dec

ARM architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_arm.deb
Size/MD5 checksum:    69122 30ff71419a3e106bd067a983ed3db30f

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_i386.deb
Size/MD5 checksum:    61034 a8d7eae4795a1caa3c47dca929e93254

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_ia64.deb
Size/MD5 checksum:   126326 728cd5e277b43ac8aef87cf092478168

HP Precision architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_hppa.deb
Size/MD5 checksum:    89424 22aba3b17b99631d559d59d19ca0f669

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_m68k.deb
Size/MD5 checksum:    50590 ac31fa12be1ac3fad1596d54a41e593b

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_mips.deb
Size/MD5 checksum:    79420 2663c4a81111c9d3c9f43737a6899666

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_mipsel.deb
Size/MD5 checksum:    79134 c461cd34b6ced500a3622ebaf51bd07b

PowerPC architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_powerpc.deb
Size/MD5 checksum:    83890 01c28fdaa89ec3aef148c0ac0dc1656a

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_s390.deb
Size/MD5 checksum:    63110 dd95bef4893b7e5a0722d462a3374c6f

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/k/ketm/ketm_0.0.6-17sarge1_sparc.deb
Size/MD5 checksum:    73232 8e4594ac0f872bad24ef232accb00d9a

补丁安装方法:

1. 手工安装补丁包:

  首先,使用下面的命令来下载补丁软件:
  # wget url  (url是补丁下载链接地址)

  然后,使用下面的命令来安装补丁:  
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包:

   首先,使用下面的命令更新内部数据库:
   # apt-get update
  
   然后,使用下面的命令安装更新软件包:
   # apt-get upgrade

浏览次数:3287
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障
关于我们
公司介绍
公司荣誉
公司新闻
联系我们
公司总部
分支机构
海外机构
快速链接
绿盟云
绿盟威胁情报中心NTI
技术博客