Lucene search
RootSSV:15059HistoryDec 14, 2009 - 12:00 a.m.
GNU Coreutils不安全临时文件建立漏洞
2009-12-1400:00:00
Root
www.seebug.org
7
0.0004 Low
EPSS
Percentile
8.6%
Bugraq ID: 37256
CVE ID:CVE-2009-4135
GNU Coreutils是一套GNU操作系统所使用的基本文件、shell和文本操控工具。。
GNU Coreutils "distcheck" Makefile规则设置/tmp目录用于之后的任务执行,由于不安全建立临时目录,允许本地攻击者执行符号链接攻击或在部分条件下执行任意代码。
GNU Coreutils 5.2.1
GNU Coreutils 8.1
用户可参考如下供应商提供的补丁程序:
http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=ae034822c535fa5
Related
nessus
nessus
Fedora 11 : coreutils-7.2-5.fc11 (2009-13216)
2009-12-18 00:00:00
Mandriva Linux Security Advisory : coreutils (MDVSA-2010:024)
2010-01-25 00:00:00
Fedora 12 : coreutils-7.6-8.fc12 (2009-13181)
2009-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: coreutils-7.2-5.fc11
2009-12-18 04:24:19
[SECURITY] Fedora 12 Update: coreutils-7.6-8.fc12
2009-12-18 04:28:37
securityvulns
securityvulns
[ MDVSA-2010:024 ] coreutils
2010-01-26 00:00:00
GNU coreutils symbolic links vulnerability
2010-01-26 00:00:00
[USN-2473-1] coreutils vulnerabilities
2015-01-19 00:00:00
openvas
openvas
Fedora Core 12 FEDORA-2009-13181 (coreutils)
2009-12-30 00:00:00
Fedora Core 11 FEDORA-2009-13216 (coreutils)
2009-12-30 00:00:00
Mandriva Update for coreutils MDVSA-2010:024 (coreutils)
2010-01-25 00:00:00
cve
cve
CVE-2009-4135
2009-12-11 16:30:00
ubuntucve
ubuntucve
CVE-2009-4135
2009-12-11 00:00:00
prion
prion
Arbitrary file deletion
2009-12-11 16:30:00
debiancve
debiancve
CVE-2009-4135
2009-12-11 16:30:00
ubuntu
ubuntu
coreutils vulnerabilities
2015-01-14 00:00:00