Executive Summary

Informations
Name CVE-2008-2935 First vendor Publication 2008-08-01
Vendor Cve Last vendor Modification 2018-10-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2935

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10827
 
Oval ID: oval:org.mitre.oval:def:10827
Title: Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Description: Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Family: unix Class: vulnerability
Reference(s): CVE-2008-2935
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17713
 
Oval ID: oval:org.mitre.oval:def:17713
Title: USN-633-1 -- libxslt vulnerabilities
Description: It was discovered that long transformation matches in libxslt could overflow.
Family: unix Class: patch
Reference(s): USN-633-1
CVE-2008-1767
CVE-2008-2935
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): libxslt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20386
 
Oval ID: oval:org.mitre.oval:def:20386
Title: DSA-1624-1 libxslt - arbitrary code execution
Description: Chris Evans discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1624-1
CVE-2008-2935
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): libxslt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22165
 
Oval ID: oval:org.mitre.oval:def:22165
Title: ELSA-2008:0649: libxslt security update (Moderate)
Description: Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Family: unix Class: patch
Reference(s): ELSA-2008:0649-03
CVE-2008-2935
Version: 6
Platform(s): Oracle Linux 5
Product(s): libxslt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29029
 
Oval ID: oval:org.mitre.oval:def:29029
Title: RHSA-2008:0649 -- libxslt security update (Moderate)
Description: Updated libxslt packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism. A heap buffer overflow flaw was discovered in the RC4 libxslt library extension. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute arbitrary code with the privileges of the application using the libxslt library to perform XSL transformations on untrusted XSL style sheets. (CVE-2008-2935) Red Hat would like to thank Chris Evans for reporting this vulnerability. All libxslt users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
Family: unix Class: patch
Reference(s): RHSA-2008:0649
CESA-2008:0649-CentOS 5
CVE-2008-2935
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): libxslt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7764
 
Oval ID: oval:org.mitre.oval:def:7764
Title: DSA-1624 liebxslt -- buffer overflows
Description: Chris Evans discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1624
CVE-2008-2935
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): libxslt
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 17

OpenVAS Exploits

Date Description
2009-10-13 Name : SLES10: Security update for libxslt
File : nvt/sles10_libxslt.nasl
2009-04-09 Name : Mandriva Update for libxslt MDVSA-2008:160 (libxslt)
File : nvt/gb_mandriva_MDVSA_2008_160.nasl
2009-03-23 Name : Ubuntu Update for libxslt vulnerabilities USN-633-1
File : nvt/gb_ubuntu_USN_633_1.nasl
2009-03-06 Name : RedHat Update for libxslt RHSA-2008:0649-01
File : nvt/gb_RHSA-2008_0649-01_libxslt.nasl
2009-02-17 Name : Fedora Update for libxslt FEDORA-2008-7029
File : nvt/gb_fedora_2008_7029_libxslt_fc8.nasl
2009-02-17 Name : Fedora Update for libxslt FEDORA-2008-7062
File : nvt/gb_fedora_2008_7062_libxslt_fc9.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200808-06 (libxslt)
File : nvt/glsa_200808_06.nasl
2008-08-15 Name : Debian Security Advisory DSA 1624-1 (libxslt)
File : nvt/deb_1624_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
47544 libxslt libexslt crypto.c Multiple Function XML Parsing Overflows

Snort® IPS/IDS

Date Description
2014-01-10 GNOME Project libxslt RC4 key string buffer overflow attempt - 2
RuleID : 14041 - Revision : 16 - Type : SERVER-OTHER
2014-01-10 GNOME Project libxslt RC4 key string buffer overflow attempt
RuleID : 14040 - Revision : 14 - Type : SERVER-OTHER
2014-01-10 GNOME Project libxslt RC4 key string buffer overflow attempt
RuleID : 14039 - Revision : 20 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0649.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080731_libxslt_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0649.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libxslt-080720.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-160.nasl - Type : ACT_GATHER_INFO
2008-09-03 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_libxslt-5457.nasl - Type : ACT_GATHER_INFO
2008-09-03 Name : The remote openSUSE host is missing a security update.
File : suse_libxslt-5458.nasl - Type : ACT_GATHER_INFO
2008-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2008-7029.nasl - Type : ACT_GATHER_INFO
2008-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2008-7062.nasl - Type : ACT_GATHER_INFO
2008-08-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200808-06.nasl - Type : ACT_GATHER_INFO
2008-08-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-633-1.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1624.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0649.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/30467
BUGTRAQ http://www.securityfocus.com/archive/1/494976/100/0/threaded
http://www.securityfocus.com/archive/1/495018/100/0/threaded
http://www.securityfocus.com/archive/1/497829/100/0/threaded
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
DEBIAN http://www.debian.org/security/2008/dsa-1624
FEDORA https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00092....
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00118....
GENTOO http://security.gentoo.org/glsa/glsa-200808-06.xml
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:160
MISC http://www.ocert.org/advisories/ocert-2008-009.html
http://www.ocert.org/patches/exslt_crypt.patch
http://www.scary.beasts.org/security/CESA-2008-003.html
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2008-0649.html
SECTRACK http://www.securitytracker.com/id?1020596
SECUNIA http://secunia.com/advisories/31230
http://secunia.com/advisories/31310
http://secunia.com/advisories/31331
http://secunia.com/advisories/31363
http://secunia.com/advisories/31395
http://secunia.com/advisories/31399
http://secunia.com/advisories/32453
SREASON http://securityreason.com/securityalert/4078
UBUNTU http://www.ubuntu.com/usn/usn-633-1
VUPEN http://www.vupen.com/english/advisories/2008/2266/references
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/44141

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
Date Informations
2020-05-23 00:21:53
  • Multiple Updates
2018-10-12 00:20:23
  • Multiple Updates
2017-09-29 09:23:36
  • Multiple Updates
2017-08-08 09:24:12
  • Multiple Updates
2016-04-26 17:35:10
  • Multiple Updates
2014-02-17 10:45:32
  • Multiple Updates
2014-01-19 21:25:04
  • Multiple Updates
2013-05-11 00:20:26
  • Multiple Updates