FreeBSD : bogofilter -- heap corruption through malformed input (92140bc9-7bde-11da-8ec4-0002b3b60e4c)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Matthias Andree reports :

When using Unicode databases (default in more recent bogofilter
installations), upon encountering invalid input sequences, bogofilter
or bogolexer could overrun a malloc()'d buffer, corrupting the heap,
while converting character sets. Bogofilter would usually be
processing untrusted data received from the network at that time.

This problem was aggravated by an unrelated bug that made bogofilter
process binary attachments as though they were text, and attempt
charset conversion on them. Given the MIME default character set,
US-ASCII, all input octets in the range 0x80...0xff were considered
invalid input sequences and could trigger the heap corruption.

See also :

http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01
http://www.nessus.org/u?cd0edaf3

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21475 (freebsd_pkg_92140bc97bde11da8ec40002b3b60e4c.nasl)

Bugtraq ID:

CVE ID: CVE-2005-4591

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now