|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 4217 CVE : CVE-2008-3908 CWE : CWE-119 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : No Credit : Rob Holland Published : 06.09.2008
Advisory Content : 2008/08/25 #2008-014 WordNet stack and heap overflows Description: The WordNet 3.0 Unix library and command-line interface suffer from a number of stack overflows due to their handling of command line arguments, environment variables and data read from user supplied dictionaries. The oCERT team was contacted by Moritz Muehlenhoff from the Debian project requesting an audit of the WordNet code base. These vulnerabilities were the findings of the requested audit. Stack overflows fed via the command line, environment variables or WordNet library calls can result in arbitrary code execution. Stack and heap overflows via modified WordNet dictionaries may allow arbitrary code execution. It should be noted that despite the ease with which arbitrary code can be executed via these WordNet flaws, unless WordNet is being used by a daemon or web service running as a user other than that of the attacker, this is unlikely to result in privilege escalation or the ability to take any action not already possible as the attacking user. The following patch fixes the issues: http://www.ocert.org/analysis/2008-014/wordnet.patch Affected version: WordNet = 3.0 Fixed version: Princeton unfortunately lack the resources to produce a new release of this code and will therefore not be releasing a new version as a result of this audit. Credit: Rob Holland, oCERT Team | Inverse Path Ltd CVE: TBD Timeline: 2008-06-02: audit requested 2008-06-25: first phase audit completed 2008-07-15: second phase audit completed 2008-07-19: report and patch sent upstream and to audit requester 2008-08-12: report and patch resent upstream due to lack of response 2008-08-13: upstream acknowledge issues 2008-09-01: advisory release References: http://www.ocert.org/analysis/2008-014/analysis.txt: oCERT vulnerability analysis report Permalink: http://www.ocert.org/advisories/ocert-2008-014.html -- Rob Holland rob (at) ocert (dot) org [email concealed] References : http://www.securityfocus.com/bid/30958
http://http://www.ocert.org/analysis/2008-014/analysis.txt
http://xforce.iss.net/xforce/xfdb/44851
http://xforce.iss.net/xforce/xfdb/44850
http://xforce.iss.net/xforce/xfdb/44849
http://xforce.iss.net/xforce/xfdb/44848
http://www.securityfocus.com/archive/1/archive/1/495883/100/0/threaded
http://www.ocert.org/analysis/2008-014/wordnet.patch  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |