Executive Summary
Summary | |
---|---|
Title | pcre security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:761 | First vendor Publication | 2005-09-08 |
Vendor | RedHat | Last vendor Modification | 2005-09-08 |
Severity (Vendor) | Moderate | Revision | 02 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated pcre packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PCRE is a Perl-compatible regular expression library. An integer overflow flaw was found in PCRE, triggered by a maliciously crafted regular expression. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2491 to this issue. The security impact of this issue varies depending on the way that applications make use of PCRE. For example, the Apache web server uses the system PCRE library in order to parse regular expressions, but this flaw would only allow a user who already has the ability to write .htaccess files to gain 'apache' privileges. For applications supplied with Red Hat Enterprise Linux, a maximum security impact of moderate has been assigned. Users should update to these erratum packages that contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. After updating you will need to restart all services that use the system PCRE library. This can be done manually or by rebooting your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 166330 - CAN-2005-2491 PCRE heap overflow |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-761.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11516 | |||
Oval ID: | oval:org.mitre.oval:def:11516 | ||
Title: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1496 | |||
Oval ID: | oval:org.mitre.oval:def:1496 | ||
Title: | Webproxy Integer Overflow in pcre_compile | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 2 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1659 | |||
Oval ID: | oval:org.mitre.oval:def:1659 | ||
Title: | VirusVault Integer Overflow in pcre_compile | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 2 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:735 | |||
Oval ID: | oval:org.mitre.oval:def:735 | ||
Title: | Apache Integer Overflow in pcre_compile.c | ||
Description: | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2491 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | Apache |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021688.nasl |
2009-10-10 | Name : SLES9: Security update for Apache2 File : nvt/sles9p5021652.nasl |
2009-10-10 | Name : SLES9: Security update for pcre File : nvt/sles9p5018284.nasl |
2009-10-10 | Name : SLES9: Security update for Python File : nvt/sles9p5015916.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200508-17 (libpcre) File : nvt/glsa_200508_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-19 (PHP) File : nvt/glsa_200509_19.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-12 (Apache) File : nvt/glsa_200509_12.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-08 (Python) File : nvt/glsa_200509_08.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-02 (Gnumeric) File : nvt/glsa_200509_02.nasl |
2008-09-04 | Name : FreeBSD Ports: pcre, pcre-utf8 File : nvt/freebsd_pcre.nasl |
2008-09-04 | Name : PHP -- multiple vulnerabilities File : nvt/freebsd_mod_php4-twig4.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 800-1 (pcre3) File : nvt/deb_800_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 821-1 (python2.3) File : nvt/deb_821_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 819-1 (python2.1) File : nvt/deb_819_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 817-1 (python2.2) File : nvt/deb_817_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1 File : nvt/esoft_slk_ssa_2005_251_04.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-02 PHP File : nvt/esoft_slk_ssa_2005_242_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-242-01 PCRE library File : nvt/esoft_slk_ssa_2005_242_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
18906 | Perl-Compatible Regular Expression (PCRE) Quantifier Value Processing Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12013.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote version of Apache is affected by multiple vulnerabilities. File : apache_2_0_55.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-358.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-761.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0197.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b971d2a6167011da978e0001020eed82.nasl - Type : ACT_GATHER_INFO |
2006-03-21 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34163.nasl - Type : ACT_GATHER_INFO |
2006-03-21 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_34123.nasl - Type : ACT_GATHER_INFO |
2006-03-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0197.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-4.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-2.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-173-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-213.nasl - Type : ACT_GATHER_INFO |
2005-11-30 | Name : The remote operating system is missing a vendor-supplied patch. File : macosx_SecUpd2005-009.nasl - Type : ACT_GATHER_INFO |
2005-11-01 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_4_4_1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-819.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-01.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-242-02.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-251-04.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_051.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_049.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_048.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-817.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-155.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-154.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-153.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-152.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-151.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-821.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-19.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-12.nasl - Type : ACT_GATHER_INFO |
2005-09-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-08.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-358.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-761.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200509-02.nasl - Type : ACT_GATHER_INFO |
2005-09-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-800.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200508-17.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:38 |
|