漏洞信息详情

Xlockmore 4.16缓冲区溢出漏洞

漏洞简介

4.16及更早版本的xlockmore xlock程序存在缓冲区溢出漏洞。本地用户借助超长-mode选项可以从内存中读取敏感数据。

漏洞公告

This vulnerability has been fixed in (at least) the NetBSD package sources. To remove the package: pkg_delete -v xlockmore To build / install the new version: cd pkgsrc/x11/xlockmore; make clean; make install NetBSD binaries are available at: ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/x11/xlockmore/README.html Mandrake Linux: To upgrade automatically, use ? MandrakeUpdate ?. If you want to upgrade manually, download the updated package from one of the FTP server mirrors and uprade with "rpm -Uvh package_name". All mirrors are listed on http://www.mandrake.com/en/ftp.php3 Updated packages are available in the "updates/" directory. For example, if you are looking for an updated RPM package for Mandrake 7.0, look for it in: updates/7.0/RPMS/

参考网址

来源: BID 名称: 1267 链接:http://www.securityfocus.com/bid/1267 来源: NAI 名称: 20000529 Initialized Data Overflow in Xlock 链接:http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp 来源: TURBO 名称: TLSA2000012-1 链接:http://archives.neohapsis.com/archives/bugtraq/2000-05/0375.html 来源: NETBSD 名称: NetBSD-SA2000-003 链接:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-003.txt.asc

受影响实体

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多