FreeBSD : URI handler vulnerabilities in several browsers (df333ede-a8ce-11d8-9c6d-0020ed76ef5a)

high Nessus Plugin ID 37850

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Karol Wiesek and Greg MacManus reported via iDEFENSE that the Opera web browser contains a flaw in the handling of certain URIs. When presented with these URIs, Opera would invoke external commands to process them after some validation. However, if the hostname component of a URI begins with a `-', it may be treated as an option by an external command. This could have undesirable side-effects, from denial-of-service to code execution. The impact is very dependent on local configuration.

After the iDEFENSE advisory was published, the KDE team discovered similar problems in KDE's URI handlers.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?aacb7758

https://www.kde.org/info/security/advisory-20040517-1.txt

https://freebsd.kde.org/index.php#n20040517

http://www.nessus.org/u?6d1cdf7f

Plugin Details

Severity: High

ID: 37850

File Name: freebsd_pkg_df333edea8ce11d89c6d0020ed76ef5a.nasl

Version: 1.16

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:kdelibs, p-cpe:/a:freebsd:freebsd:linux-opera, p-cpe:/a:freebsd:freebsd:opera, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/18/2004

Vulnerability Publication Date: 5/12/2004

Reference Information

CVE: CVE-2004-0411