Servicio de control de sitios web de WatchMouse - Soluciones para vulnerabilidades de WatchMouse

Inicio » Productos » Exploración de vulnerabilidades » Exploraciones añadidas recientemente

Soluciones para vulnerabilidades
Exploración de vulnerabilidades - Prueba gratuita
La exploración de vulnerabilidades periódica de WatchMouse busca la vulnerabilidad siguiente. Para ver las soluciones añadidas más recientemente que WatchMouse explora, visite Soluciones para vulnerabilidades.

[GLSA-200810-01] WordNet: Execution of arbitrary code
Categoría: Gentoo Local Security Checks	Factor de riesgo: Medium	Añadido: 9 oct 2008
The remote host is affected by the vulnerability described in GLSA-200810-01 (WordNet: Execution of arbitrary code) Jukka Ruohonen initially reported a boundary error within the searchwn() function in src/wn.c. A thorough investigation by the oCERT team revealed several other vulnerabilities in WordNet: Jukka Ruohonen and Rob Holland (oCERT) reported multiple boundary errors within the searchwn() function in src/wn.c, the wngrep() function in lib/search.c, the morphstr() and morphword() functions in lib/morph.c, and the getindex() in lib/search.c, which lead to stack-based buffer overflows. Rob Holland (oCERT) reported two boundary errors within the do_init() function in lib/morph.c, which lead to stack-based buffer overflows via specially crafted "WNSEARCHDIR" or "WNHOME" environment variables. Rob Holland (oCERT) reported multiple boundary errors in the bin_search() and bin_search_key() functions in binsrch.c, which lead to stack-based buffer overflows via specially crafted data files. Rob Holland (oCERT) reported a boundary error within the parse_index() function in lib/search.c, which leads to a heap-based buffer overflow via specially crafted data files. Impact In case the application is accessible e.g. via a web server, a remote attacker could pass overly long strings as arguments to the "wm" binary, possibly leading to the execution of arbitrary code. A local attacker could exploit the second vulnerability via specially crafted "WNSEARCHDIR" or "WNHOME" environment variables, possibly leading to the execution of arbitrary code with escalated privileges. A local attacker could exploit the third and fourth vulnerability by making the application use specially crafted data files, possibly leading to the execution of arbitrary code. Workaround There is no known workaround at this time. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3908 Solution: All WordNet users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-dicts/wordnet-3.0-r2" Risk factor: Medium

iniciar sesión