Free PC-UNIX security hole memo

Last modified: Thu Apr 5 20:10:48 2001 +0900 (JST)

　Free PC-UNIX に発見された弱点のまとめです。全てが網羅されているわけではもちろんありません。

○ - なにもしなくても問題なし
△ - 問題あり、fix された
× - 問題あり、まだ fix されてない
空白 - 不明

　() 内の日付がオリジナルの日付です。

　このページ、維持しきれないのでやめます。すんません。

2001.04

弱点	official fix	*BSD			Linux
弱点	official fix	Free	Net	Open	RH	Kndr	Vine	Turb	Deb
Interbase Server Contains Compiled-in Back Door Account (2001.01.10)		△
rwhod allows remote denial of service (2001.03.12)		△
timed allows remote denial of service (2001.03.12)		△
cfengine port contains remote root vulnerability (2001.03.12)		△
icecast port contains remote vulnerability (2001.03.12)		△

2001.03

弱点	official fix	*BSD			Linux
弱点	official fix	Free	Net	Open	RH	Kndr	Vine	Turb	Deb
Security advisory: Unsafe temporary file handling in krb4 (MIT info) (2001.03.08)					△
Passive Analysis of SSH (Secure Shell) Traffic (2001.03.19)	OpenSSH 2.5.x				△		Vine 2.1.5 で○
The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. (2001.03.02)			△	△
Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun in the kernel. (2001.03.02)		sys/netinet6/ah_core.c">△	syssrc/sys/netinet6/ah_core.c">△	△
The readline library creates history files with permissive modes based on the user's umask. (2001.03.18)				△
ProFTPD DoS (Multiple vendors FTP denial of service issue) (2001.03.15)	1.2.2rc1	△
Multiple vendors FTP denial of service issue (2001.03.15)
vim priviledge elevation via simple text file (2001.03.22)	5.7.24, 6.0u				△
mutt format bug (2001.03.09)	1.2.5				△
Zope hotfix 2001-03-08: Acquisition context checking (2001.03.08)	2001-03-08
Zope Hotfix 2001-02-23 "Class attribute access" (2001.02.23)	2001-02-23				△				△
[DSA 042-1] xemacs21/gnuserv buffer overflow and weak security (2001.03.08)					△ (7.0, 6.2)				△
[DSA-041-1] joe local attack via joerc (2001.03.09)					△				△
[DSA-040-1] slrn buffer overflow (2001.03.09)					△				△
[DSA-039-1] glibc local file overwrite problems (2001.03.08)									△
[DSA 038-1] New version of sgml-tools available (2001.03.08)					△				△
Midnight Commander Local Arbitrary Program Execution Vuln (2001.03.07)									△
DSA-035-1 man2html: remote denial of service (2001.03.07)									△
ePerl: remote root exploit< (2001.03.07)									△

2001.02

弱点	official fix	*BSD			Linux
弱点	official fix	Free	Net	Open	RH	Kndr	Vine	Turb	Deb
vixie-cron (crontab) buffer overflow (2001.02.12)					△		△
sudo command line buffer overflow (2001.02.19)	1.6.3p6			△	△				△
inetd fails to close sockets for internal services properly (2001.01.25)					△		△
FreeBSD inetd wheel Group File Read Vulnerability (2001.01.29)		△
FreeBSD periodic /tmp File Race Condition Vulnerability (2001.01.29)		△
vnc client/server buffer overflow (bugtraq bid 2305, 2306) (2001.01.29)
Linux man -l Format String Vulnerability (2001.01.31)									△
analog buffer overflow (2001.02.14)	4.16, 4.90beta3				△				△
SSH CRC-32 Compensation Attack Detector Vuln., SSH protocol 1.5 session key recovery vuln. (2001.02.09)	ssh 2.x, OpenSSH 2.3.0	△							△
Response to ProFTPD issues (2001.02.07)	1.2.0rc3						△		△
FreeBSD ipfw Filtering Evasion Vulnerability (2001.01.24)		△	○	○	○	○	○	○	○
Wu-Ftpd Debug Mode Client Hostname Format String Vulnerability (2001.01.23)
bing gethostbyaddr Buffer Overflow Vulnerability (2001.01.19)
Icecast Buffer Overflow Vulnerability (2001.01.22)					△

2001.01

弱点	official fix	*BSD			Linux
弱点	official fix	Free	Net	Open	RH	Kndr	Vine	Turb	Deb
bind 4.9.x/8.2.x bug (2001.01.30)	4.9.8, 8.2.3	△	△	△	△	△	△	△	△
format string vulnerability in mars_nwe 0.99pl19 (2001.01.27)
Tinyproxy 1.3.3 Heap Overflow Vuln. (2001.01.)	1.3.3a	△							△
Iomega JaZip 0.32 (xforms) Buffer Overflow Vuln. (2001.01.14)	0.33								△
Mysql < 3.23.31 Local Buffer Overflow Vulnerability (2001.01.19)	3.23.31				△	△			△
sash broken maintainer script< (2001.01.23)									△
splitvt 1.6.4 Format String Vuln. (2001.01.15)	1.6.5								△
mICQ 0.4.6 Remote Buffer Overflow Vulnerability (2001.01.18)	0.4.6.1	△			△				△
fetchmail AUTHENTICATE GSSAPI bug (2000.12.27)								△
pam_localuser buffer overflow vuln. (2000.11.29)					△	△	△	△
PHP 4 .htaccess Attribute Transfer Vuln., Engine Disable Source Viewing Vuln. (2001.01.16)	4.0.4pl1				△				△
pdnsd did not drop supplementary group ID when changing user and group id (2000.10.19)	1.0.13					△
zope allows escalation of privileges, DHTML editing vuln. (2000.12.18)	2.2.5	△			△ (zope, hotfix 1, 2)				△
GnuPG Silent Import of Secret Keys Vulnerability (2000.12.25)									△
dialog /tmp File Race Condition Vulnerability (2000.12.25)									△
shadow-utils /etc/default Temp File Race Condition Vulnerability (2001.01.10)
rdist /tmp File Race Condition Vulnerability (2001.01.10)
getty_ps /tmp File Race Condition Vulnerability (2001.01.10)
sdiff (GNU diffutils) /tmp File Race Condition Vulnerability (2001.01.10)
inn /tmp File Race Condition Vulnerability (2001.01.10)									△
wu-ftpd 2.6.1 /tmp File Race Condition Vulnerability (2001.01.10)						△			△
gpm /tmp File Race Condition Vulnerability (2001.01.10)
mgetty /tmp File Race Condition Vulnerability (2001.01.10)	1.1.24								△
linuxconf /tmp File Race Condition Vulnerability (2001.01.10)
squid /tmp File Race Condition Vulnerability (2001.01.10)	2.4. STABLE1								△
Immunix arpwatch (tcpdump) /tmp File Race Condition Vulnerability (2001.01.10)						△
Immunix 7.0 Apache /tmp File Race Vulnerability (2001.01.10)									△
glibc RESOLV_HOST_CONF File Read Access Vulnerability, LD_PRELOAD File Overwriting Vulnerbility (2001.01.10, 16)					△	△	△	△	△

　その他の OS の情報入手先:

過去の記事: 2000

私について