Search...

libunity memory corruption

2012-11-26T00:00:00

ID SECURITYVULNS:VULN:12727
Type securityvulns
Reporter BUGTRAQ
Modified 2012-11-26T00:00:00

Description

Memory corruption in hash tables handling.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:12727", "bulletinFamily": "software", "title": "libunity memory corruption", "description": "Memory corruption in hash tables handling.", "published": "2012-11-26T00:00:00", "modified": "2012-11-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12727", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:28775"], "cvelist": ["CVE-2012-4551"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:49", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "67b65c35402d35dc409dcecb6340f929"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "a6232e91fa4bce6b63147ad118023bdb"}, {"key": "href", "hash": "1a68c94349d2ffe94c8bf453fe386cd8"}, {"key": "modified", "hash": "594208dc69a797a068f0b8b8688d938c"}, {"key": "published", "hash": "594208dc69a797a068f0b8b8688d938c"}, {"key": "references", "hash": "e7b3cdd4624d0eb950981b68dccb8b42"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "80a4cbd92317619d8a2478f406ca04ea"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "9377ce5b62e88fa12b4defc382823446638b289450700b5dde2ef931b880237f", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2018-08-31T11:09:49"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "affectedSoftware": []}

{"cve": [{"lastseen": "2016-09-03T17:04:26", "references": ["http://www.openwall.com/lists/oss-security/2012/10/29/3", "https://bugs.launchpad.net/ubuntu/%2Bsource/libunity-webapps/%2Bbug/1068495", "http://bazaar.launchpad.net/~webapps/libunity-webapps/trunk/revision/815", "http://www.securityfocus.com/bid/56314", "http://www.ubuntu.com/usn/USN-1635-1"], "edition": 1, "description": "Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to \"certain hash tables.\"", "reporter": "NVD", "published": "2012-11-30T17:55:01", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "cve", "title": "CVE-2012-4551", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-4551"], "scanner": [], "modified": "2012-12-03T00:00:00", "cpe": ["cpe:/a:ps_project_management_team:libunity-webapps:2.3.8", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.6", "cpe:/a:ps_project_management_team:libunity-webapps:0.02", "cpe:/a:ps_project_management_team:libunity-webapps:2.1", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.7", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.9", "cpe:/a:ps_project_management_team:libunity-webapps:2.0", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.3", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.2", "cpe:/a:ps_project_management_team:libunity-webapps:2.4.0", "cpe:/a:ps_project_management_team:libunity-webapps:2.3", "cpe:/a:ps_project_management_team:libunity-webapps:0.3", "cpe:/a:ps_project_management_team:libunity-webapps:2.0.1", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.1", "cpe:/a:ps_project_management_team:libunity-webapps:0.3.1", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.5", "cpe:/a:ps_project_management_team:libunity-webapps:2.3.4", "cpe:/a:ps_project_management_team:libunity-webapps:0.2.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4551", "id": "CVE-2012-4551", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:18", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2012-4551"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "2.4.1-0ubuntu3.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libunity-webapps0", "operator": "lt"}], "description": "It was discovered that libunity-webapps improperly handled certain hash tables. A remote attacker could use this issue to cause libunity-webapps to crash, or possibly execute arbitrary code.", "edition": 3, "reporter": "Ubuntu", "published": "2012-11-21T00:00:00", "title": "libunity-webapps vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-4551"], "modified": "2012-11-21T00:00:00", "id": "USN-1635-1", "href": "https://usn.ubuntu.com/1635-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-12-04T11:21:14", "references": ["1635-1", "http://www.ubuntu.com/usn/usn-1635-1/"], "pluginID": "841220", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1635-1", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Ubuntu Update for libunity-webapps USN-1635-1", "type": "openvas", "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4551"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841220", "id": "OPENVAS:841220", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1635_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for libunity-webapps USN-1635-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that libunity-webapps improperly handled certain hash\n tables. A remote attacker could use this issue to cause libunity-webapps\n to crash, or possibly execute arbitrary code.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1635-1\";\ntag_affected = \"libunity-webapps on Ubuntu 12.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1635-1/\");\n script_id(841220);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:53:30 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-4551\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1635-1\");\n script_name(\"Ubuntu Update for libunity-webapps USN-1635-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libunity-webapps0\", ver:\"2.4.1-0ubuntu3.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:59:45", "references": ["1635-1", "http://www.ubuntu.com/usn/usn-1635-1/"], "pluginID": "1361412562310841220", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1635-1", "edition": 5, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-23T00:00:00", "title": "Ubuntu Update for libunity-webapps USN-1635-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4551"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310841220", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841220", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1635_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for libunity-webapps USN-1635-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1635-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841220\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-23 11:53:30 +0530 (Fri, 23 Nov 2012)\");\n script_cve_id(\"CVE-2012-4551\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1635-1\");\n script_name(\"Ubuntu Update for libunity-webapps USN-1635-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1635-1\");\n script_tag(name:\"affected\", value:\"libunity-webapps on Ubuntu 12.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that libunity-webapps improperly handled certain hash\n tables. A remote attacker could use this issue to cause libunity-webapps\n to crash, or possibly execute arbitrary code.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libunity-webapps0\", ver:\"2.4.1-0ubuntu3.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-02T00:05:09", "references": [], "pluginID": "63022", "description": "It was discovered that libunity-webapps improperly handled certain hash tables. A remote attacker could use this issue to cause libunity-webapps to crash, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2012-11-23T00:00:00", "title": "Ubuntu 12.10 : libunity-webapps vulnerability (USN-1635-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4551"], "modified": "2018-08-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:libunity-webapps0"], "id": "UBUNTU_USN-1635-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63022", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1635-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63022);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/01 17:36:14\");\n\n script_cve_id(\"CVE-2012-4551\");\n script_bugtraq_id(56314);\n script_xref(name:\"USN\", value:\"1635-1\");\n\n script_name(english:\"Ubuntu 12.10 : libunity-webapps vulnerability (USN-1635-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libunity-webapps improperly handled certain\nhash tables. A remote attacker could use this issue to cause\nlibunity-webapps to crash, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libunity-webapps0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libunity-webapps0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libunity-webapps0\", pkgver:\"2.4.1-0ubuntu3.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libunity-webapps0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1635-1\r\nNovember 21, 2012\r\n\r\nlibunity-webapps vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n\r\nSummary:\r\n\r\nlibunity-webapps could be made to crash or run programs as your login if it\r\nopened a malicious website.\r\n\r\nSoftware Description:\r\n- libunity-webapps: UnityWebapps library\r\n\r\nDetails:\r\n\r\nIt was discovered that libunity-webapps improperly handled certain hash\r\ntables. A remote attacker could use this issue to cause libunity-webapps\r\nto crash, or possibly execute arbitrary code.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n libunity-webapps0 2.4.1-0ubuntu3.2\r\n\r\nAfter a standard system update you need to restart your session to make all\r\nthe necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1635-1\r\n CVE-2012-4551\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libunity-webapps/2.4.1-0ubuntu3.2\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2012-11-26T00:00:00", "title": "[USN-1635-1] libunity-webapps vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:46", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2012-4551"], "modified": "2012-11-26T00:00:00", "id": "SECURITYVULNS:DOC:28775", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28775", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}