Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200711-21
HistoryNov 17, 2007 - 12:00 a.m.

Bochs: Multiple vulnerabilities

2007-11-1700:00:00
Gentoo Foundation
security.gentoo.org
12

0.0004 Low

EPSS

Percentile

9.3%

JSON

Background

Bochs is a IA-32 (x86) PC emulator written in C++.

Description

Tavis Ormandy of the Google Security Team discovered a heap-based overflow vulnerability in the NE2000 driver (CVE-2007-2893). He also discovered a divide-by-zero error in the emulated floppy disk controller (CVE-2007-2894).

Impact

A local attacker in the guest operating system could exploit these issues to execute code outside of the virtual machine, or cause Bochs to crash.

Workaround

There is no known workaround at this time.

Resolution

All Bochs users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-emulation/bochs-2.3"
OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-emulation/bochs< 2.3UNKNOWN

Related

openvas 8
nessus 6
fedora 2
securityvulns 2
debian 1
prion 3
cvelist 2
cve 3
ubuntucve 2
debiancve 2
openvas
openvas
Gentoo Security Advisory GLSA 200711-21 (bochs)
2008-09-24 00:00:00
Fedora Update for bochs FEDORA-2007-1778
2009-02-27 00:00:00
Gentoo Security Advisory GLSA 200711-21 (bochs)
2008-09-24 00:00:00
nessus
nessus
GLSA-200711-21 : Bochs: Multiple vulnerabilities
2007-11-20 00:00:00
Debian DSA-1351-1 : bochs - buffer overflow
2007-08-13 00:00:00
Fedora 7 : bochs-2.3-7.fc7 (2007-1778)
2007-11-06 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: bochs-2.3-7.fc7
2007-08-24 05:41:26
[SECURITY] Fedora 7 Update: bochs-2.3-5.fc7
2007-07-19 16:45:15
securityvulns
securityvulns
bochs IA-32 emulator privilege escalation
2007-08-08 00:00:00
[SECURITY] [DSA 1351-] New bochs packages fix privilege escalation
2007-08-08 00:00:00
debian
debian
[SECURITY] [DSA 1351-] New bochs packages fix privilege escalation
2007-08-07 00:00:00
prion
prion
Heap overflow
2007-05-30 01:30:00
Design/Logic Flaw
2007-05-30 01:30:00
Design/Logic Flaw
2007-10-30 21:46:00
cvelist
cvelist
CVE-2007-2893
2007-05-30 01:00:00
CVE-2007-2894
2007-05-30 01:00:00
cve
cve
CVE-2007-2894
2007-05-30 01:30:00
CVE-2007-2893
2007-05-30 01:30:00
CVE-2007-1323
2007-10-30 21:46:00
ubuntucve
ubuntucve
CVE-2007-2894
2007-05-30 00:00:00
CVE-2007-2893
2007-05-30 00:00:00
debiancve
debiancve
CVE-2007-2893
2007-05-30 01:30:00
CVE-2007-2894
2007-05-30 01:30:00

0.0004 Low

EPSS

Percentile

9.3%

JSON
Related for GLSA-200711-21
openvas8nessus6fedora2securityvulns2debian1prion3cvelist2cve3ubuntucve2debiancve2