util-linux包含大量底层系统工具。
util-linux不正确验证用户权限,远程攻击者可以利用漏洞绕过安全限制,进行未授权访问。
问题存在于登录进程处理登录时不需要验证,部分参考自身验证的进程允许远程攻击者绕过访问策略,进行未授权访问。
util-linux util-linux 2.12 a
- MandrakeSoft Linux Mandrake 10.2 x86_64
- MandrakeSoft Linux Mandrake 10.2 x86_64
- MandrakeSoft Linux Mandrake 10.2
- MandrakeSoft Linux Mandrake 10.2
- MandrakeSoft Linux Mandrake 10.1 x86_64
- MandrakeSoft Linux Mandrake 10.1 x86_64
- MandrakeSoft Linux Mandrake 10.1
- MandrakeSoft Linux Mandrake 10.1
- RedHat Desktop 4.0
- RedHat Enterprise Linux WS 4
- RedHat Enterprise Linux ES 4
- RedHat Enterprise Linux AS 4
util-linux util-linux 2.12
- MandrakeSoft Corporate Server 3.0 x86_64
- MandrakeSoft Corporate Server 3.0
- MandrakeSoft Linux Mandrake 10.0 AMD64
- MandrakeSoft Linux Mandrake 10.0
- MandrakeSoft Multi Network Firewall 2.0
- Ubuntu Ubuntu Linux 4.1 ppc
- Ubuntu Ubuntu Linux 4.1 ia64
- Ubuntu Ubuntu Linux 4.1 ia32
util-linux util-linux 2.11 z
util-linux util-linux 2.11 u
- MandrakeSoft Corporate Server 2.1 x86_64
- MandrakeSoft Corporate Server 2.1
util-linux util-linux 2.11 r
util-linux util-linux 2.11 n
util-linux util-linux 2.11
util-linux util-linux 2.10
util-linux util-linux 2.9
util-linux util-linux 2.8
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux AS 4
RedHat Desktop 4.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
可联系供应商获得补丁信息:
<a href=“http://rhn.redhat.com/errata/RHSA-2007-0235.html” target=“_blank”>http://rhn.redhat.com/errata/RHSA-2007-0235.html</a>