FreeBSD : e2fsprogs -- heap buffer overflow (299e3f81-aee7-11dc-b781-0016179b2dd5)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Theodore Y. Ts'o reports :

Fix a potential security vulnerability where an untrusted filesystem
can be corrupted in such a way that a program using libext2fs will
allocate a buffer which is far too small. This can lead to either a
crash or potentially a heap-based buffer overflow crash. No known
exploits exist, but main concern is where an untrusted user who
possesses privileged access in a guest Xen environment could corrupt a
filesystem which is then accessed by thus allowing the untrusted user
to gain privileged access in the host OS. Thanks to the McAfee AVERT
Research group for reporting this issue.

See also :

http://www.nessus.org/u?525d845b
http://www.nessus.org/u?dd6bd758

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.0
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 29769 (freebsd_pkg_299e3f81aee711dcb7810016179b2dd5.nasl)

Bugtraq ID: 26772

CVE ID: CVE-2007-5497

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now