FreeBSD : rar -- password prompt buffer overflow vulnerability (94234e00-be8a-11db-b2ec-000c6ec775d9)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

iDefense reports :

Remote exploitation of a stack based buffer overflow vulnerability in
RARLabs Unrar may allow an attacker to execute arbitrary code with the
privileges of the user opening the archive.

Unrar is prone to a stack based buffer overflow when processing
specially crafted password protected archives.

If users are using the vulnerable command line based unrar, they still
need to interact with the program in order to trigger the
vulnerability. They must respond to the prompt asking for the
password, after which the vulnerability will be triggered. They do not
need to enter a correct password, but they must at least push the
enter key.

See also :

http://www.nessus.org/u?34943166
http://www.rarsoft.com/rarnew.htm
http://www.nessus.org/u?72dcc8aa

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 24366 (freebsd_pkg_94234e00be8a11dbb2ec000c6ec775d9.nasl)

Bugtraq ID: 22447

CVE ID: CVE-2007-0855

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now