FreeBSD : e2fsprogs -- buffer overflow if s_first_meta_bg too big (0f488b7b-bbb9-11e4-903c-080027ef73ec)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Theodore Ts'o reports :

If s_first_meta_bg is greater than the of number block group
descriptor blocks, then reading or writing the block group descriptors
will end up overruning the memory buffer allocated for the
descriptors.

The finding is credited to a vulnerability report from Jose Duart of
Google Security Team <jduart AT google.com> and was reported through
oCERT-2015-002.

See also :

http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
http://www.ocert.org/advisories/ocert-2015-002.html
https://bugzilla.redhat.com/show_bug.cgi?id=1187032
http://www.nessus.org/u?a0168683

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 81460 ()

Bugtraq ID:

CVE ID: CVE-2015-0247

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now