xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

CDE LibDTHelp DTHelpUserSearchPath本地缓冲区溢出漏洞


发布时间:2003-11-04
更新时间:2003-11-04
严重程度:
威胁程度:本地管理员权限
错误类型:边界检查错误
利用方式:服务器模式

BUGTRAQ ID:8973
CVE(CAN) ID:CAN-2003-0834

受影响系统
Compaq Tru64 4.0 g PK4 (BL22)
Compaq Tru64 4.0 g PK3 (BL17)
Compaq Tru64 4.0 g
Compaq Tru64 4.0 f PK8 (BL22)
Compaq Tru64 4.0 f PK7 (BL18)
Compaq Tru64 4.0 f PK6 (BL17)
Compaq Tru64 4.0 f
Compaq Tru64 5.0 f
Compaq Tru64 5.0 a PK3 (BL17)
Compaq Tru64 5.0 a
Compaq Tru64 5.0 PK4 (BL18)
Compaq Tru64 5.0 PK4 (BL17)
Compaq Tru64 5.0
Compaq Tru64 5.1 PK6 (BL20)
Compaq Tru64 5.1 PK5 (BL19)
Compaq Tru64 5.1 PK4 (BL18)
Compaq Tru64 5.1 PK3 (BL17)
Compaq Tru64 5.1
HP HP-UX 11.0
HP HP-UX 11.11
HP HP-UX 11.22
HP HP-UX 11.23
SCO Open UNIX 8.0
SCO Unixware 7.1.1
SCO Unixware 7.1.3
Sun Solaris 7.0 _x86
Sun Solaris 7.0
Sun Solaris 8.0 _x86
Sun Solaris 8.0
Sun Solaris 9.0 _x86
Sun Solaris 9.0
详细描述
CDE libDtHelp是CDE显示帮助内容的程序,在处理DTHelpUserSearchPath变量时存在问题,可导致权限提升。

解决方案
补丁下载:

Compaq Tru64 5.1 PK6 (BL20):

HP Patch T64KIT0020835-V51B20-ES-20031124
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT0020835-V51B20-ES-20031124
Patch requires PK6 (BL20)

Compaq Tru64 5.1 PK5 (BL19):

HP Patch T64KIT0020835-V51B20-ES-20031124
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT0020835-V51B20-ES-20031124
Patch requires PK6 (BL20)

Compaq Tru64 5.1 PK4 (BL18):

HP Patch T64KIT0020835-V51B20-ES-20031124
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT0020835-V51B20-ES-20031124
Patch requires PK6 (BL20)

Compaq Tru64 5.1 PK3 (BL17):

HP Patch T64KIT0020835-V51B20-ES-20031124
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT0020835-V51B20-ES-20031124
Patch requires PK6 (BL20)

Compaq Tru64 5.1:

HP Patch T64KIT0020835-V51B20-ES-20031124
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT0020835-V51B20-ES-20031124
Patch requires PK6 (BL20)

HP HP-UX 11.0:

HP Patch PHSS_30010
ftp://ftp.itrc.hp.com/hp-ux_patches/s700_800/11.X/PHSS_30010

HP HP-UX 11.11:

HP Patch PHSS_30011
ftp://ftp.itrc.hp.com/hp-ux_patches/s700_800/11.X/PHSS_30011

HP HP-UX 11.22:

HP Patch PHSS_30012
http://itrc.hp.com

HP HP-UX 11.23:

HP Patch PHSS_30013
http://itrc.hp.com

SCO Unixware 7.1.1:

SCO Patch erg712445.pkg.Z
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.31

SCO Unixware 7.1.3:

SCO Patch erg712445.pkg.Z
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.31

SCO Open UNIX 8.0:

SCO Patch erg712445.pkg.Z
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.31

Sun Solaris 7.0 _x86:

Sun Patch T107179-03
http://sunsolve.sun.com

Sun Solaris 7.0:

Sun Patch T107178-03
http://sunsolve.sun.com

Sun Solaris 8.0 _x86:

Sun Patch T108950-08
http://sunsolve.sun.com

Sun Solaris 8.0:

Sun Patch T108949-08
http://sunsolve.sun.com

Sun Solaris 9.0 _x86:

Sun Patch T116309-01
http://sunsolve.sun.com

Sun Solaris 9.0:

Sun Patch T116308-01
http://sunsolve.sun.com

相关信息
参考:http://www.securityfocus.com/advisories/6022
http://www.securityfocus.com/advisories/6070
http://www.securityfocus.com/advisories/6133
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57414
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved