CVE-2011-3378

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html

http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f

http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656

http://rpm.org/wiki/Releases/4.9.1.2#Security

http://www.mandriva.com/security/advisories?name=MDVSA-2011:143

http://www.openwall.com/lists/oss-security/2011/09/27/3

http://www.redhat.com/support/errata/RHSA-2011-1349.html

http://www.ubuntu.com/usn/USN-1695-1

https://bugzilla.redhat.com/show_bug.cgi?id=741606

https://bugzilla.redhat.com/show_bug.cgi?id=741612

Details

Source: MITRE

Published: 2011-12-24

Updated: 2016-12-08

Type: CWE-94

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
140293NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Multiple Vulnerabilities (NS-SA-2020-0039)NessusNewStart CGSL Local Security Checks
high
91753OracleVM 3.2 : rpm (OVMSA-2016-0077)NessusOracleVM Local Security Checks
high
89105VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (remote check)NessusMisc.
high
76010openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)NessusSuSE Local Security Checks
high
75726openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)NessusSuSE Local Security Checks
high
69573Amazon Linux AMI : rpm (ALAS-2011-14)NessusAmazon Linux Local Security Checks
high
68363Oracle Linux 4 / 5 / 6 : rpm (ELSA-2011-1349)NessusOracle Linux Local Security Checks
high
63612Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : rpm vulnerabilities (USN-1695-1)NessusUbuntu Local Security Checks
high
61147Scientific Linux Security Update : rpm on SL4.x, SL5.x, SL6.x i386/x86_64NessusScientific Linux Local Security Checks
high
59679GLSA-201206-26 : RPM: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
57749VMSA-2012-0001 : VMware ESXi and ESX updates to third-party library and ESX Service ConsoleNessusVMware ESX Local Security Checks
high
57241SuSE 10 Security Update : popt (ZYPP Patch Number 7792)NessusSuSE Local Security Checks
high
57128SuSE 11.1 Security Update : popt (SAT Patch Number 5256)NessusSuSE Local Security Checks
high
56702SuSE 10 Security Update : popt (ZYPP Patch Number 7793)NessusSuSE Local Security Checks
high
56457Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)NessusFedora Local Security Checks
high
56424Fedora 16 : rpm-4.9.1.2-1.fc16 (2011-13766)NessusFedora Local Security Checks
high
56403Mandriva Linux Security Advisory : rpm (MDVSA-2011:143)NessusMandriva Local Security Checks
high
56383RHEL 4 / 5 / 6 : rpm (RHSA-2011:1349)NessusRed Hat Local Security Checks
high
56380CentOS 4 / 5 : rpm (CESA-2011:1349)NessusCentOS Local Security Checks
high