CVE-2017-7467
CVSS: N/A
Published: 2018-07-11 09:29:00
Last revised: 2018-07-12 21:29:01
NMPS    

[Original] A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially use this flaw to crash minicom, or execute arbitrary code in the context of the minicom process.


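[CNNVD] CNNVD data not yet available.


[Machine translation] Translation not yet available.

- CVSS (base score)

CVSS not currently available

- CPE (affected platforms and products)

Product and version information (CPE) not currently available

- OVAL (technical details for detection)

No related OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7467
(official data source) NVD

- Other links and resources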

http://www.openwall.com/lists/oss-security/2017/04/18/5
(UNKNOWN)  MLIST  [oss-security] 20170418 CVE-2017-7467: minicom and prl-vzvncserver vt100.c escparms[] buffer overflow
http://www.securityfocus.com/bid/97966
(UNKNOWN)  BID  97966
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7467
(UNKNOWN)  CONFIRM  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7467
https://security.gentoo.org/glsa/201706-13
(UNKNOWN)  GENTOO  GLSA-201706-13

- Vulnerability information (F142209)

Slackware Security Advisory - minicom Updates (PacketStormID:F142209)
2017-04-19 00:00:00
Slackware Security Team  slackware.com
advisory
linux,slackware
CVE-2017-7467

Slackware Security Advisory - New minicom packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  minicom (SSA:2017-108-01)

New minicom packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/minicom-2.7.1-i586-1_slack14.2.txz:  Upgraded.
  Fix an out of bounds data access that can lead to remote code execution.
  This issue was found by Solar Designer of Openwall during a security audit
  of the Virtuozzo 7 product, which contains derived downstream code in its
  prl-vzvncserver component.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/minicom-2.7.1-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/minicom-2.7.1-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/minicom-2.7.1-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/minicom-2.7.1-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/minicom-2.7.1-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/minicom-2.7.1-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/minicom-2.7.1-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/minicom-2.7.1-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/minicom-2.7.1-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/minicom-2.7.1-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/minicom-2.7.1-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/minicom-2.7.1-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/minicom-2.7.1-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/minicom-2.7.1-x86_64-1.txz


MD5 signatures:
+-------------+



Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg minicom-2.7.1-i586-1_slack14.2.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----
    

- Vulnerability information (F142827)

Gentoo Linux Security Advisory 201706-13 (PacketStormID:F142827)
2017-06-07 00:00:00
Gentoo  security.gentoo.org
advisory,remote,arbitrary
linux,gentoo
CVE-2017-7467

Gentoo Linux Security Advisory 201706-13 - An out-of-bounds data access in minicom might allow remote attackers to execute arbitrary code. Versions less than 2.7.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201706-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: minicom: Remote execution of arbitrary code
     Date: June 06, 2017
     Bugs: #615996
       ID: 201706-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An out-of-bounds data access in minicom might allow remote attackers to
execute arbitrary code.

Background
==========

Minicom is a text-based serial port communications program.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-dialup/minicom           < 2.7.1                    >= 2.7.1

Description
===========

In minicom before version 2.7.1, the escparms[] buffer in vt100.c is
vulnerable to an overflow.

Impact
======

A remote attacker, able to connect to a minicom port, could possibly
execute arbitrary code with the privileges of the process, or cause a
Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All minicom users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-dialup/minicom-2.7.1"

References
==========

[ 1 ] CVE-2017-7467
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7467

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201706-13

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



    

- Vulnerability information

Title: Minicom CVE-2017-7467 Local Buffer Overflow Vulnerability
Class: Failure to Handle Exceptional Conditions
Bugtraq ID: 97966
Remote: No
Local: Yes
Published: 2017-04-18 12:00:00
Updated: 2017-04-24 05:08:00
Credit: Alexander Peslyak (Openwall)

- Affected versions

Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
minicom minicom 2.7
minicom minicom 1.83.1
+ Caldera OpenLinux 2.4
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 3.5.1
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ Redhat Linux 7.0
+ Redhat Linux 6.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Slackware Linux 7.1
+ Slackware Linux 7.0
minicom minicom 1.83 .0
+ Caldera OpenLinux 2.4
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 3.5.1
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.2
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Slackware Linux 7.1
+ Slackware Linux 7.0
minicom minicom 1.82.1
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 3.5.1
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4
+ Slackware Linux 7.1
+ Slackware Linux 7.0

- Unaffected versions

minicom minicom 2.7.1

- Vulnerability discussion

Minicom is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to crash minicom or execute arbitrary code in the context of the minicom process. Failed exploit attempts will likely result in denial-of-service conditions.

Versions prior to Minicom 2.7.1 are vulnerable.

- Exploit

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Updates are available. Please see the references or vendor advisory for more information.
