FreeBSD : greed -- insecure GRX file processing (bd579366-5290-11d9-ac20-00065be4b5b6)

Critical Nessus Plugin ID 19102


The remote FreeBSD host is missing a security-related update.


A buffer overflow vulnerability has been detected in the greed URL handling code. This bug can especially be a problem when greed is used to process GRX (GetRight) files that originate from untrusted sources.

The bug finder, Manigandan Radhakrishnan, gave the following description :

Here are the bugs. First, in main.c, DownloadLoop() uses strcat() to copy an input filename to the end of a 128-byte COMMAND array. Second, DownloadLoop() passes the input filename to system() without checking for special characters such as semicolons.


Update the affected package.

See Also

Plugin Details

Severity: Critical

ID: 19102

File Name: freebsd_pkg_bd579366529011d9ac2000065be4b5b6.nasl

Version: $Revision: 1.16 $

Type: local

Published: 2005/07/13

Modified: 2013/08/09

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:greed, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2005/01/03

Vulnerability Publication Date: 2004/12/15

Reference Information

CVE: CVE-2004-1273, CVE-2004-1274

Secunia: 13534