Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 Tenable Network Security, Inc.GENTOO_GLSA-200807-03.NASL
HistoryJul 10, 2008 - 12:00 a.m.

GLSA-200807-03 : PCRE: Buffer overflow

2008-07-1000:00:00
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.
www.tenable.com
10
JSON

The remote host is affected by the vulnerability described in GLSA-200807-03 (PCRE: Buffer overflow)

Tavis Ormandy of the Google Security team reported a heap-based buffer     overflow when compiling regular expression patterns containing     'Internal Option Settings' such as '(?i)'.

Impact :

A remote attacker could exploit this vulnerability by sending a     specially crafted regular expression to an application making use of     the PCRE library, which could possibly lead to the execution of     arbitrary code or a Denial of Service.

Workaround :

There is no known workaround at this time.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200807-03.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(33460);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2008-2371");
  script_xref(name:"GLSA", value:"200807-03");

  script_name(english:"GLSA-200807-03 : PCRE: Buffer overflow");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200807-03
(PCRE: Buffer overflow)

    Tavis Ormandy of the Google Security team reported a heap-based buffer
    overflow when compiling regular expression patterns containing
    'Internal Option Settings' such as '(?i)'.
  
Impact :

    A remote attacker could exploit this vulnerability by sending a
    specially crafted regular expression to an application making use of
    the PCRE library, which could possibly lead to the execution of
    arbitrary code or a Denial of Service.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200807-03"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All PCRE users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=dev-libs/libpcre-7.7-r1'
    All GLib users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=dev-libs/glib-2.16.3-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:glib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libpcre");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/07/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/07/10");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"dev-libs/libpcre", unaffected:make_list("ge 7.7-r1"), vulnerable:make_list("lt 7.7-r1"))) flag++;
if (qpkg_check(package:"dev-libs/glib", unaffected:make_list("ge 2.16.3-r1", "lt 2.14.0"), vulnerable:make_list("lt 2.16.3-r1"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PCRE");
}
VendorProductVersionCPE
gentoolinuxglibp-cpe:/a:gentoo:linux:glib
gentoolinuxlibpcrep-cpe:/a:gentoo:linux:libpcre
gentoolinuxcpe:/o:gentoo:linux

Related

fedora 4
nessus 18
osv 1
gentoo 2
openvas 38
seebug 2
securityvulns 5
slackware 1
debian 1
prion 1
debiancve 1
ubuntu 3
cve 1
ubuntucve 1
freebsd 1
fedora
fedora
[SECURITY] Fedora 9 Update: glib2-2.16.4-1.fc9
2008-07-03 03:16:40
[SECURITY] Fedora 8 Update: glib2-2.14.6-2.fc8
2008-07-03 03:14:39
[SECURITY] Fedora 9 Update: pcre-7.3-4.fc9
2008-07-06 06:11:43
nessus
nessus
Fedora 8 : glib2-2.14.6-2.fc8 (2008-6025)
2008-07-08 00:00:00
Slackware 12.0 / 12.1 / current : pcre (SSA:2008-210-09)
2008-07-29 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : pcre3 vulnerability (USN-624-1)
2008-07-15 00:00:00
osv
osv
pcre3 - arbitrary code execution
2008-07-05 00:00:00
gentoo
gentoo
PCRE: Buffer overflow
2008-07-07 00:00:00
PHP: Multiple vulnerabilities
2008-11-16 00:00:00
openvas
openvas
Fedora Update for glib2 FEDORA-2008-6025
2009-02-17 00:00:00
Ubuntu: Security Advisory (USN-624-1)
2009-03-23 00:00:00
Slackware Advisory SSA:2008-210-09 pcre
2012-09-11 00:00:00
seebug
seebug
PCRE θ§„εˆ™θ‘¨θΎΎεΌε †ηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2008-07-08 00:00:00
PCRE pcre_compile.cζ–‡δ»Άε †ζΊ’ε‡ΊζΌζ΄ž
2008-07-07 00:00:00
securityvulns
securityvulns
PCRE library buffer overflow
2008-07-07 00:00:00
PCRE buffer overflow
2008-07-18 00:00:00
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution
2008-07-07 00:00:00
slackware
slackware
[slackware-security] pcre
2008-07-29 05:34:14
debian
debian
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution
2008-07-05 12:37:12
prion
prion
Heap overflow
2008-07-07 23:41:00
debiancve
debiancve
CVE-2008-2371
2008-07-07 23:41:00
ubuntu
ubuntu
PCRE vulnerability
2008-07-15 00:00:00
Erlang vulnerability
2010-04-09 00:00:00
PHP vulnerabilities
2008-07-23 00:00:00
cve
cve
CVE-2008-2371
2008-07-07 23:41:00
ubuntucve
ubuntucve
CVE-2008-2371
2008-07-07 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2008-12-04 00:00:00
JSON
Related for GENTOO_GLSA-200807-03.NASL
fedora4nessus18osv1gentoo2openvas38seebug2securityvulns5slackware1debian1prion1debiancve1ubuntu3cve1ubuntucve1freebsd1