ELinks 'loadmsgcat.c' 未信任搜索路径漏洞

CNNVD-ID编号	CNNVD-200704-247
CVE编号	CVE-2007-2027
发布时间	2007-04-13
更新时间	2007-08-02
漏洞类型	格式化字符串
漏洞来源	Arnaud Giersch is credited with discovery of this vulnerability.
危险等级	中危
威胁类型	本地
厂商	elinks

漏洞介绍

Elinks的intl/gettext/loadmsgcat.c中的add_filename_to_string函数存在未信任搜索路径漏洞。本地用户可以通过造成Elinks使用\"../po\"\"目录中的不可信的gettext通讯录，执行格式化字符串攻击。

漏洞补丁

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

ELinks ELinks 0.10.6

Ubuntu elinks-lite_0.10.6-1ubuntu3.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.10.6-1ubuntu3.1_amd64.deb

Ubuntu elinks-lite_0.10.6-1ubuntu3.1_i386.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.10.6-1ubuntu3.1_i386.deb

Ubuntu elinks-lite_0.10.6-1ubuntu3.1_powerpc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.10.6-1ubuntu3.1_powerpc.deb

Ubuntu elinks-lite_0.10.6-1ubuntu3.1_sparc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.10.6-1ubuntu3.1_sparc.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_amd64.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_i386.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_i386.deb

Ubuntu elinks_0.10.6-1ubuntu3.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.10.6-1ub

untu3.1_amd64.deb

Ubuntu elinks_0.10.6-1ubuntu3.1_i386.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.10.6-1ub

untu3.1_i386.deb

Ubuntu elinks_0.10.6-1ubuntu3.1_powerpc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.10.6-1ub

untu3.1_powerpc.deb

Ubuntu elinks_0.10.6-1ubuntu3.1_sparc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.10.6-1ub

untu3.1_sparc.deb

Ubuntu elinks_0.11.1-1ubuntu2.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1ub

untu2.1_amd64.deb

ELinks ELinks 0.11.1

Ubuntu elinks-lite_0.11.1-1.2ubuntu2.1_amd64.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1.2ubuntu2.1_amd64.deb

Ubuntu elinks-lite_0.11.1-1.2ubuntu2.1_i386.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1.2ubuntu2.1_i386.deb

Ubuntu elinks-lite_0.11.1-1.2ubuntu2.1_powerpc.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1.2ubuntu2.1_powerpc.deb

Ubuntu elinks-lite_0.11.1-1.2ubuntu2.1_sparc.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1.2ubuntu2.1_sparc.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_amd64.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_i386.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_i386.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_powerpc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_powerpc.deb

Ubuntu elinks-lite_0.11.1-1ubuntu2.1_sparc.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/universe/e/elinks/elinks-lite_0

.11.1-1ubuntu2.1_sparc.deb

Ubuntu elinks_0.11.1-1.2ubuntu2.1_amd64.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1.2

ubuntu2.1_amd64.deb

Ubuntu elinks_0.11.1-1.2ubuntu2.1_i386.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1.2

ubuntu2.1_i386.deb

Ubuntu elinks_0.11.1-1.2ubuntu2.1_powerpc.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1.2

ubuntu2.1_powerpc.deb

Ubuntu elinks_0.11.1-1.2ubuntu2.1_sparc.debUbuntu 7.04:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1.2

ubuntu2.1_sparc.deb

Ubuntu elinks_0.11.1-1ubuntu2.1_amd64.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1ub

untu2.1_amd64.deb

Ubuntu elinks_0.11.1-1ubuntu2.1_i386.debUbuntu 6.06 LTS:

http://security.ubuntu.com/ubuntu/pool/main/e/elinks/elinks_0.11.1-1ub

untu2.1_i386.deb

Ubuntu elinks_0.11.1-1ubuntu2.1_powerpc.debUbuntu 6.06 LTS:

http://s

参考网址

来源: VUPEN

名称: ADV-2007-1686

链接：http://www.frsirt.com/english/advisories/2007/1686
来源: bugzilla.redhat.com

链接：https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235411
来源: UBUNTU

名称: USN-457-1

链接：http://www.ubuntu.com/usn/usn-457-1
来源: BID

名称: 23844

链接：http://www.securityfocus.com/bid/23844
来源: GENTOO

名称: GLSA-200706-03

链接：http://security.gentoo.org/glsa/glsa-200706-03.xml
来源: SECUNIA

名称: 25550

链接：http://secunia.com/advisories/25550
来源: SECUNIA

名称: 25255

链接：http://secunia.com/advisories/25255
来源: SECUNIA

名称: 25198

链接：http://secunia.com/advisories/25198
来源: SECUNIA

名称: 25169

链接：http://secunia.com/advisories/25169
来源: OSVDB

名称: 35668

链接：http://osvdb.org/35668

受影响实体

Elinks Elinks:0.11.1

信息来源

http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200704-247