CVE-2005-2491high
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
References
http://www.securityfocus.com/bid/14620
http://securitytracker.com/id?1014744
http://www.debian.org/security/2005/dsa-800
http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
http://www.redhat.com/support/errata/RHSA-2005-761.html
http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
http://www.debian.org/security/2005/dsa-819
http://www.debian.org/security/2005/dsa-817
http://www.debian.org/security/2005/dsa-821
http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://www.ethereal.com/appnotes/enpa-sa-00021.html
http://www.php.net/release_4_4_1.php
http://docs.info.apple.com/article.html?artnum=302847
http://www.securityfocus.com/bid/15647
http://secunia.com/advisories/17813
http://secunia.com/advisories/16502
http://secunia.com/advisories/16679
http://www.redhat.com/support/errata/RHSA-2006-0197.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://secunia.com/advisories/19072
http://www.redhat.com/support/errata/RHSA-2005-358.html
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
http://secunia.com/advisories/19193
http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
http://secunia.com/advisories/17252
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://secunia.com/advisories/19532
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.novell.com/linux/security/advisories/2005_48_pcre.html
http://www.novell.com/linux/security/advisories/2005_49_php.html
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm
http://secunia.com/advisories/21522
http://secunia.com/advisories/22691
http://secunia.com/advisories/22875
http://securityreason.com/securityalert/604
http://www.vupen.com/english/advisories/2006/0789
http://www.vupen.com/english/advisories/2006/4502
http://www.vupen.com/english/advisories/2006/4320
http://www.vupen.com/english/advisories/2005/1511
http://www.vupen.com/english/advisories/2005/2659
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://marc.info/?l=bugtraq&m=112606064317223&w=2
http://marc.info/?l=bugtraq&m=112605112027335&w=2
http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
http://www.securityfocus.com/archive/1/428138/100/0/threaded
http://www.securityfocus.com/archive/1/427046/100/0/threaded
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
Details
Source: MITRE
Published: 2005-08-23
Updated: 2021-06-06
Type: NVD-CWE-Other
Risk Information
CVSS v2
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:pcre:pcre:6.0:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 41173 | SuSE9 Security Update : Python (YOU Patch Number 12013) | Nessus | SuSE Local Security Checks | high |
| 31656 | Apache < 2.0.55 Multiple Vulnerabilities | Nessus | Web Servers | high |
| 21927 | CentOS 4 : exim (CESA-2005:358) | Nessus | CentOS Local Security Checks | high |
| 21890 | CentOS 3 / 4 : python (CESA-2006:0197) | Nessus | CentOS Local Security Checks | high |
| 21854 | CentOS 3 / 4 : pcre (CESA-2005:761) | Nessus | CentOS Local Security Checks | high |
| 21502 | FreeBSD : pcre -- regular expression buffer overflow (b971d2a6-1670-11da-978e-0001020eed82) | Nessus | FreeBSD Local Security Checks | high |
| 21108 | HP-UX PHSS_34163 : Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access (HPSBUX02074 SSRT051251 rev.2) | Nessus | HP-UX Local Security Checks | high |
| 21107 | HP-UX PHSS_34123 : Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access (HPSBUX02074 SSRT051251 rev.2) | Nessus | HP-UX Local Security Checks | high |
| 21042 | RHEL 2.1 / 3 / 4 : python (RHSA-2006:0197) | Nessus | Red Hat Local Security Checks | high |
| 20583 | Ubuntu 4.10 / 5.04 : python2.1, python2.2, python2.3, gnumeric vulnerabilities (USN-173-4) | Nessus | Ubuntu Local Security Checks | high |
| 20581 | Ubuntu 4.10 / 5.04 : pcre3, apache2 vulnerabilities (USN-173-2) | Nessus | Ubuntu Local Security Checks | high |
| 20580 | Ubuntu 4.10 / 5.04 : pcre3 vulnerability (USN-173-1) | Nessus | Ubuntu Local Security Checks | high |
| 20445 | Mandrake Linux Security Advisory : php (MDKSA-2005:213) | Nessus | Mandriva Local Security Checks | high |
| 3308 | Mac OS X Multiple Vulnerabilities (Security Update 2005-009) | Nessus Network Monitor | Operating System Detection | high |
| 20249 | Mac OS X Multiple Vulnerabilities (Security Update 2005-009) | Nessus | MacOS X Local Security Checks | high |
| 20111 | PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities | Nessus | CGI abuses | high |
| 19911 | Mandrake Linux Security Advisory : apache2 (MDKSA-2005:155) | Nessus | Mandriva Local Security Checks | high |
| 19910 | Mandrake Linux Security Advisory : python (MDKSA-2005:154) | Nessus | Mandriva Local Security Checks | high |
| 19909 | Mandrake Linux Security Advisory : gnumeric (MDKSA-2005:153) | Nessus | Mandriva Local Security Checks | high |
| 19908 | Mandrake Linux Security Advisory : php (MDKSA-2005:152) | Nessus | Mandriva Local Security Checks | high |
| 19907 | Mandrake Linux Security Advisory : pcre (MDKSA-2005:151) | Nessus | Mandriva Local Security Checks | high |
| 19863 | Slackware 10.1 : php5 in Slackware 10.1 (SSA:2005-251-04) | Nessus | Slackware Local Security Checks | high |
| 19859 | Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : PHP (SSA:2005-242-02) | Nessus | Slackware Local Security Checks | high |
| 19858 | Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : PCRE library (SSA:2005-242-01) | Nessus | Slackware Local Security Checks | high |
| 19818 | GLSA-200509-19 : PHP: Vulnerabilities in included PCRE and XML-RPC libraries | Nessus | Gentoo Local Security Checks | high |
| 19811 | GLSA-200509-12 : Apache, mod_ssl: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 19790 | Debian DSA-821-1 : python2.3 - integer overflow | Nessus | Debian Local Security Checks | high |
| 19788 | Debian DSA-819-1 : python2.1 - integer overflow | Nessus | Debian Local Security Checks | high |
| 19786 | Debian DSA-817-1 : python2.2 - integer overflow | Nessus | Debian Local Security Checks | high |
| 19687 | GLSA-200509-08 : Python: Heap overflow in the included PCRE library | Nessus | Gentoo Local Security Checks | high |
| 19675 | RHEL 2.1 / 3 / 4 : pcre (RHSA-2005:761) | Nessus | Red Hat Local Security Checks | high |
| 19672 | RHEL 4 : exim (RHSA-2005:358) | Nessus | Red Hat Local Security Checks | high |
| 19577 | GLSA-200509-02 : Gnumeric: Heap overflow in the included PCRE library | Nessus | Gentoo Local Security Checks | high |
| 19570 | Debian DSA-800-1 : pcre3 - integer overflow | Nessus | Debian Local Security Checks | high |
| 19537 | GLSA-200508-17 : libpcre: Heap integer overflow | Nessus | Gentoo Local Security Checks | high |
| 3112 | Apache < 2.0.55 HTTP Smuggling Vulnerability | Nessus Network Monitor | Web Servers | high |
| 3042 | Apache HTTP Request Parsing HTML Injection | Nessus Network Monitor | Web Servers | high |
| 800798 | Mac OS X Multiple Vulnerabilities (Security Update 2005-009) | Log Correlation Engine | Operating System Detection | high |
| 800576 | Apache HTTP Request Parsing HTML Injection | Log Correlation Engine | Web Servers | high |
| 800556 | Apache < 2.0.55 HTTP Smuggling Vulnerability | Log Correlation Engine | Web Servers | high |