FreeBSD : bogofilter -- heap corruption through excessively long words (b747b2a9-7be0-11da-8ec4-0002b3b60e4c)

high Nessus Plugin ID 21500

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Matthias Andree reports :

Bogofilter's/bogolexer's input handling in version 0.96.2 was not keeping track of its output buffers properly and could overrun a heap buffer if the input contained words whose length exceeded 16,384 bytes, the size of flex's input buffer. A 'word' here refers to a contiguous run of input octets that was not '_' and did not match at least one of ispunct(), iscntrl() or isspace().

Solution

Update the affected package.

See Also

http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-02

http://www.nessus.org/u?890d68ab

Plugin Details

Severity: High

ID: 21500

File Name: freebsd_pkg_b747b2a97be011da8ec40002b3b60e4c.nasl

Version: 1.11

Type: local

Published: 5/13/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bogofilter, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/7/2006

Vulnerability Publication Date: 10/23/2005

Reference Information

CVE: CVE-2005-4592