Executive Summary
Summary | |
---|---|
Title | PCRE vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-547-1 | First vendor Publication | 2007-11-27 |
Vendor | Ubuntu | Last vendor Modification | 2007-11-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: Ubuntu 7.04: Ubuntu 7.10: After a standard system upgrade you need to reboot your computer to effect the necessary changes. Due to the large internal code changes needed to solve outstanding flaws, it was not possible to backport all the upstream security fixes to the earlier released versions. To address this, the pcre3 library has been updated to the latest stable release (7.4), which includes fixes for all known security issues. While the new version is ABI compatible, efforts have been taken to maintain behavioral compatibility with the earlier versions. Details follow: Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possibly execute arbitrary code with the application's privileges. |
Original Source
Url : http://www.ubuntu.com/usn/USN-547-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10562 | |||
Oval ID: | oval:org.mitre.oval:def:10562 | ||
Title: | Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Description: | Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-1660 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17651 | |||
Oval ID: | oval:org.mitre.oval:def:17651 | ||
Title: | USN-547-1 -- pcre3 vulnerabilities | ||
Description: | Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-547-1 CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | pcre3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18752 | |||
Oval ID: | oval:org.mitre.oval:def:18752 | ||
Title: | DSA-1570-1 kazehakase - execution of arbitrary code | ||
Description: | Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1570-1 CVE-2006-7227 CVE-2006-7228 CVE-2006-7230 CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | kazehakase |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20218 | |||
Oval ID: | oval:org.mitre.oval:def:20218 | ||
Title: | DSA-1399-1 pcre3 - arbitrary code execution | ||
Description: | Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1399-1 CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | pcre3 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22606 | |||
Oval ID: | oval:org.mitre.oval:def:22606 | ||
Title: | ELSA-2007:0967: pcre security update (Critical) | ||
Description: | Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0967-02 CVE-2007-1659 CVE-2007-1660 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | pcre |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8010 | |||
Oval ID: | oval:org.mitre.oval:def:8010 | ||
Title: | DSA-1570 kazehakase -- various | ||
Description: | Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1570 CVE-2006-7227 CVE-2006-7228 CVE-2006-7230 CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | kazehakase |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9701 | |||
Oval ID: | oval:org.mitre.oval:def:9701 | ||
Title: | Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. | ||
Description: | Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-4768 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9725 | |||
Oval ID: | oval:org.mitre.oval:def:9725 | ||
Title: | Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | ||
Description: | Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-1659 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 2 | |
Os | 1 | |
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for pcre File : nvt/sles9p5018729.nasl |
2009-10-10 | Name : SLES9: Security update for pcre File : nvt/sles9p5015818.nasl |
2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015662.nasl |
2009-10-10 | Name : SLES9: Security update for pcre File : nvt/sles9p5013426.nasl |
2009-04-09 | Name : Mandriva Update for pcre MDKSA-2007:212 (pcre) File : nvt/gb_mandriva_MDKSA_2007_212.nasl |
2009-04-09 | Name : Mandriva Update for pcre MDKSA-2007:211 (pcre) File : nvt/gb_mandriva_MDKSA_2007_211.nasl |
2009-03-23 | Name : Ubuntu Update for pcre3 vulnerabilities USN-547-1 File : nvt/gb_ubuntu_USN_547_1.nasl |
2009-03-06 | Name : RedHat Update for pcre RHSA-2007:1065-01 File : nvt/gb_RHSA-2007_1065-01_pcre.nasl |
2009-03-06 | Name : RedHat Update for pcre RHSA-2007:1068-01 File : nvt/gb_RHSA-2007_1068-01_pcre.nasl |
2009-03-06 | Name : RedHat Update for php RHSA-2008:0546-01 File : nvt/gb_RHSA-2008_0546-01_php.nasl |
2009-03-06 | Name : RedHat Update for pcre RHSA-2007:1063-01 File : nvt/gb_RHSA-2007_1063-01_pcre.nasl |
2009-02-27 | Name : CentOS Update for php CESA-2008:0546-01 centos2 i386 File : nvt/gb_CESA-2008_0546-01_php_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for pcre CESA-2007:1065-01 centos2 i386 File : nvt/gb_CESA-2007_1065-01_pcre_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for pcre CESA-2007:1063 centos3 x86_64 File : nvt/gb_CESA-2007_1063_pcre_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for pcre CESA-2007:1063 centos3 i386 File : nvt/gb_CESA-2007_1063_pcre_centos3_i386.nasl |
2009-02-16 | Name : Fedora Update for pcre FEDORA-2008-1842 File : nvt/gb_fedora_2008_1842_pcre_fc7.nasl |
2009-01-28 | Name : SuSE Update for pcre SUSE-SA:2007:062 File : nvt/gb_suse_2007_062.nasl |
2009-01-28 | Name : SuSE Update for flash-player SUSE-SA:2007:069 File : nvt/gb_suse_2007_069.nasl |
2009-01-23 | Name : SuSE Update for php4, php5 SUSE-SA:2008:004 File : nvt/gb_suse_2008_004.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-30 (libpcre) File : nvt/glsa_200711_30.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-02 (R) File : nvt/glsa_200801_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-07 (netscape-flash) File : nvt/glsa_200801_07.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-18 (kazehakase) File : nvt/glsa_200801_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-19 (goffice) File : nvt/glsa_200801_19.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-11 (chicken) File : nvt/glsa_200805_11.nasl |
2008-09-04 | Name : FreeBSD Ports: pcre, pcre-utf8 File : nvt/freebsd_pcre0.nasl |
2008-09-04 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin2.nasl |
2008-05-12 | Name : Debian Security Advisory DSA 1570-1 (kazehakase) File : nvt/deb_1570_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1399-1 (pcre3) File : nvt/deb_1399_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40766 | Perl-Compatible Regular Expression (PCRE) Singleton Unicode Sequence Handling... |
40765 | Perl-Compatible Regular Expression (PCRE) Unmatched Brackets / Parentheses Se... |
40764 | Perl-Compatible Regular Expression (PCRE) Character Class Calculation overflow |
40763 | Perl-Compatible Regular Expression (PCRE) Unmatched "\Q\E" Sequence... |
40761 | Perl-Compatible Regular Expression (PCRE) Non-UTF-8 Mode Pattern Matching Inf... |
40760 | Perl-Compatible Regular Expression (PCRE) \P Sequence DoS |
40759 | Perl-Compatible Regular Expression (PCRE) Unspecified Escape (backslash) Sequ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1068.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1063.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0968.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0967.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1068.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071129_pcre_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071105_pcre_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0967.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11998.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12000.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12049.nasl - Type : ACT_GATHER_INFO |
2009-08-28 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_812.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1126.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2008-0007.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-211.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1063.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0968.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0546.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1570.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1842.nasl - Type : ACT_GATHER_INFO |
2008-02-06 | Name : The PDF file viewer on the remote Windows host is affected by multiple vulner... File : adobe_reader_812.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200801-07.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-4810.nasl - Type : ACT_GATHER_INFO |
2008-01-04 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_562cf6c4b9f111dca302000102cc8983.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-4856.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote openSUSE host is missing a security update. File : suse_flash-player-4855.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-4808.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb07-20.nasl - Type : ACT_GATHER_INFO |
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_pcre-4689.nasl - Type : ACT_GATHER_INFO |
2007-12-07 | Name : The remote openSUSE host is missing a security update. File : suse_glib2-4768.nasl - Type : ACT_GATHER_INFO |
2007-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1063.nasl - Type : ACT_GATHER_INFO |
2007-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1065.nasl - Type : ACT_GATHER_INFO |
2007-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1068.nasl - Type : ACT_GATHER_INFO |
2007-11-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-547-1.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-30.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote openSUSE host is missing a security update. File : suse_pcre-4683.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote openSUSE host is missing a security update. File : suse_pcre-4696.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote openSUSE host is missing a security update. File : suse_pcre-4697.nasl - Type : ACT_GATHER_INFO |
2007-11-09 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-212.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_bfd6eef48c9411dc8c55001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0967.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1399.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0968.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:04:47 |
|