Executive Summary
Summary | |
---|---|
Title | exim security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:358 | First vendor Publication | 2005-09-08 |
Vendor | RedHat | Last vendor Modification | 2005-09-08 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated exim packages that fix a security issue in PCRE and a free space computation on large file system bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within Exim. A local user could create a maliciously crafted regular expression in such as way that they could gain the privileges of the 'exim' user. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2491 to this issue. These erratum packages change Exim to use the system PCRE library instead of the internal one. These packages also fix a minor flaw where the Exim Monitor was incorrectly computing free space on very large file systems. Users should upgrade to these erratum packages and also ensure they have updated the system PCRE library, for which erratum packages are available seperately in RHSA-2005:761 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 166332 - CAN-2005-2491 PCRE heap overflow |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-358.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11516 | |||
Oval ID: | oval:org.mitre.oval:def:11516 | ||
Title: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1496 | |||
Oval ID: | oval:org.mitre.oval:def:1496 | ||
Title: | Webproxy Integer Overflow in pcre_compile | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 2 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1659 | |||
Oval ID: | oval:org.mitre.oval:def:1659 | ||
Title: | VirusVault Integer Overflow in pcre_compile | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 2 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:735 | |||
Oval ID: | oval:org.mitre.oval:def:735 | ||
Title: | Apache Integer Overflow in pcre_compile.c | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021688.nasl |
2009-10-10 | Name : SLES9: Security update for Apache2 File : nvt/sles9p5021652.nasl |
2009-10-10 | Name : SLES9: Security update for pcre File : nvt/sles9p5018284.nasl |
2009-10-10 | Name : SLES9: Security update for Python File : nvt/sles9p5015916.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-17 (libpcre) File : nvt/glsa_200508_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-19 (PHP) File : nvt/glsa_200509_19.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-12 (Apache) File : nvt/glsa_200509_12.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-08 (Python) File : nvt/glsa_200509_08.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-02 (Gnumeric) File : nvt/glsa_200509_02.nasl |
2008-09-04 | Name : FreeBSD Ports: pcre, pcre-utf8 File : nvt/freebsd_pcre.nasl |
2008-09-04 | Name : PHP -- multiple vulnerabilities File : nvt/freebsd_mod_php4-twig4.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 800-1 (pcre3) File : nvt/deb_800_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 821-1 (python2.3) File : nvt/deb_821_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 819-1 (python2.1) File : nvt/deb_819_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 817-1 (python2.2) File : nvt/deb_817_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1 File : nvt/esoft_slk_ssa_2005_251_04.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-02 PHP File : nvt/esoft_slk_ssa_2005_242_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-01 PCRE library File : nvt/esoft_slk_ssa_2005_242_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18906 | Perl-Compatible Regular Expression (PCRE) Quantifier Value Processing Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12013.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote version of Apache is affected by multiple vulnerabilities. File : apache_2_0_55.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-358.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-761.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0197.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b971d2a6167011da978e0001020eed82.nasl - Type : ACT_GATHER_INFO |
2006-03-21 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34163.nasl - Type : ACT_GATHER_INFO |
2006-03-21 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34123.nasl - Type : ACT_GATHER_INFO |
2006-03-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0197.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-4.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-2.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-213.nasl - Type : ACT_GATHER_INFO |
2005-11-30 | Name : The remote operating system is missing a vendor-supplied patch. File : macosx_SecUpd2005-009.nasl - Type : ACT_GATHER_INFO |
2005-11-01 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_4_4_1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-819.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-01.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-02.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-251-04.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_051.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_049.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_048.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-817.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-155.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-154.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-153.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-152.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-151.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-821.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-19.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-12.nasl - Type : ACT_GATHER_INFO |
2005-09-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-08.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-358.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-761.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-02.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-800.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-17.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:15 |
|
2013-05-11 12:22:59 |
|