Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxslt vulnerabilities (USN-1595-1)

Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Chris Evans discovered that libxslt incorrectly handled generate-id
XPath functions. If a user or automated system were tricked into
processing a specially crafted XSLT document, a remote attacker could
obtain potentially sensitive information. This issue only affected
Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)

It was discovered that libxslt incorrectly parsed certain patterns. If
a user or automated system were tricked into processing a specially
crafted XSLT document, a remote attacker could cause libxslt to crash,
causing a denial of service. (CVE-2011-3970)

Nicholas Gregoire discovered that libxslt incorrectly handled
unexpected DTD nodes. If a user or automated system were tricked into
processing a specially crafted XSLT document, a remote attacker could
cause libxslt to crash, causing a denial of service. (CVE-2012-2825)

Nicholas Gregoire discovered that libxslt incorrectly managed memory.
If a user or automated system were tricked into processing a specially
crafted XSLT document, a remote attacker could cause libxslt to crash,
causing a denial of service. (CVE-2012-2870)

Nicholas Gregoire discovered that libxslt incorrectly handled certain
transforms. If a user or automated system were tricked into processing
a specially crafted XSLT document, a remote attacker could cause
libxslt to crash, causing a denial of service, or possibly execute
arbitrary code. (CVE-2012-2871)

Cris Neckar discovered that libxslt incorrectly managed memory. If a
user or automated system were tricked into processing a specially
crafted XSLT document, a remote attacker could cause libxslt to crash,
causing a denial of service, or possibly execute arbitrary code.
(CVE-2012-2893).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected libxslt1.1 package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 62435 ()

Bugtraq ID: 47668
51911
54203
55331
55676

CVE ID: CVE-2011-1202
CVE-2011-3970
CVE-2012-2825
CVE-2012-2870
CVE-2012-2871
CVE-2012-2893