FreeBSD : amaya -- multiple buffer overflow vulnerabilities (a89b76a7-f6bd-11dd-94d9-0030843d3802)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Secunia reports :

A boundary error when processing 'div' HTML tags can be exploited to
cause a stack-based buffer overflow via an overly long 'id' parameter.

A boundary error exists when processing overly long links. This can be
exploited to cause a stack-based buffer overflow by tricking the user
into e.g. editing a malicious link.

A boundary error when processing e.g. a 'bdo' HTML tag having an
overly long 'dir' attribute can be exploited to cause a stack-based
buffer overflow.

A boundary error when processing 'input' HTML tags can be exploited to
cause a stack-based buffer overflow via an overly long e.g. 'type'
attribute.

See also :

http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://www.coresecurity.com/content/amaya-buffer-overflows
http://www.nessus.org/u?d32cc0dc

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56495 ()

Bugtraq ID:

CVE ID: CVE-2008-5282
CVE-2009-0323

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now