Lucene search

K
gentooGentoo FoundationGLSA-200809-15
HistorySep 23, 2008 - 12:00 a.m.

GNU ed: User-assisted execution of arbitrary code

2008-09-2300:00:00
Gentoo Foundation
security.gentoo.org
18

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

75.4%

Background

GNU ed is a basic line editor. red is a restricted version of ed that does not allow shell command execution.

Description

Alfredo Ortega from Core Security Technologies reported a heap-based buffer overflow in the strip_escapes() function when processing overly long filenames.

Impact

A remote attacker could entice a user to process specially crafted commands with ed or red, possibly resulting in the execution of arbitrary code with the privileges of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All GNU ed users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-apps/ed-1.0"
OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-apps/ed< 1.0UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

75.4%