Executive Summary
Summary | |
---|---|
Title | libxml2 security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0886 | First vendor Publication | 2008-09-11 |
Vendor | RedHat | Last vendor Modification | 2008-09-11 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated libxml2 packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Description: The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and write XML and HTML files. A heap-based buffer overflow flaw was found in the way libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-3529) A denial of service flaw was found in the way libxml2 processed certain content. If an application linked against libxml2 processed malformed XML content, it could cause the application to use an excessive amount of CPU time and memory, and stop responding. (CVE-2003-1564) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 461015 - CVE-2008-3529 libxml2: long entity name heap buffer overflow 461107 - CVE-2003-1564 libxml2: billion laughs DoS attack |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0886.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-776 | Unrestricted Recursive Entity References in DTDs ('XML Bomb') |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11760 | |||
Oval ID: | oval:org.mitre.oval:def:11760 | ||
Title: | Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. | ||
Description: | Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3529 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13882 | |||
Oval ID: | oval:org.mitre.oval:def:13882 | ||
Title: | USN-815-1 -- libxml2 vulnerabilities | ||
Description: | It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04. Original advisory details: It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service | ||
Family: | unix | Class: | patch |
Reference(s): | USN-815-1 CVE-2009-2414 CVE-2009-2416 CVE-2008-3529 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18505 | |||
Oval ID: | oval:org.mitre.oval:def:18505 | ||
Title: | DSA-1654-1 libxml2 - execution of arbitrary code | ||
Description: | It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1654-1 CVE-2008-3529 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21739 | |||
Oval ID: | oval:org.mitre.oval:def:21739 | ||
Title: | ELSA-2008:0884: libxml2 security update (Important) | ||
Description: | Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0884-01 CVE-2008-3529 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29030 | |||
Oval ID: | oval:org.mitre.oval:def:29030 | ||
Title: | RHSA-2008:0884 -- libxml2 security update (Important) | ||
Description: | Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and write XML and HTML files. A heap-based buffer overflow flaw was found in the way libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-3529) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0884 CESA-2008:0884-CentOS 3 CESA-2008:0884-CentOS 5 CVE-2008-3529 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6103 | |||
Oval ID: | oval:org.mitre.oval:def:6103 | ||
Title: | Libxml2 Heap Overflow in xmlParseAttValueComplex() Lets Remote Users Execute Arbitrary Code | ||
Description: | Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3529 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8076 | |||
Oval ID: | oval:org.mitre.oval:def:8076 | ||
Title: | DSA-1654 libxml2 -- buffer overflow | ||
Description: | It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1654 CVE-2008-3529 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-05-26 | Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-03 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd1.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:314 (apr) File : nvt/mdksa_2009_314.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for libxml2 File : nvt/sles10_libxml2.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125732-05 File : nvt/gb_solaris_125732_05.nasl |
2009-10-13 | Name : Solaris Update for XML and XSLT libraries 125731-05 File : nvt/gb_solaris_125731_05.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-24 File : nvt/gb_solaris_114015_24.nasl |
2009-10-13 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-24 File : nvt/gb_solaris_114014_24.nasl |
2009-10-10 | Name : SLES9: Security update for libxml2 File : nvt/sles9p5035440.nasl |
2009-09-02 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache15.nasl |
2009-09-02 | Name : Mandrake Security Advisory MDVSA-2009:221 (libneon0.27) File : nvt/mdksa_2009_221.nasl |
2009-08-17 | Name : Ubuntu USN-815-1 (libxml2) File : nvt/ubuntu_815_1.nasl |
2009-06-09 | Name : FreeBSD Ports: apr File : nvt/freebsd_apr.nasl |
2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:131-1 (apr-util) File : nvt/mdksa_2009_131_1.nasl |
2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:131 (apr-util) File : nvt/mdksa_2009_131.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114014-22 File : nvt/gb_solaris_114014_22.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125731-04 File : nvt/gb_solaris_125731_04.nasl |
2009-06-03 | Name : Solaris Update for XML and XSLT libraries 125732-04 File : nvt/gb_solaris_125732_04.nasl |
2009-06-03 | Name : Solaris Update for libxml, libxslt and Freeware man pages 114015-22 File : nvt/gb_solaris_114015_22.nasl |
2009-04-09 | Name : Mandriva Update for libxml2 MDVSA-2008:192 (libxml2) File : nvt/gb_mandriva_MDVSA_2008_192.nasl |
2009-03-23 | Name : Ubuntu Update for libxml2 vulnerabilities USN-644-1 File : nvt/gb_ubuntu_USN_644_1.nasl |
2009-03-06 | Name : RedHat Update for libxml2 RHSA-2008:0884-01 File : nvt/gb_RHSA-2008_0884-01_libxml2.nasl |
2009-03-06 | Name : RedHat Update for libxml2 RHSA-2008:0886-01 File : nvt/gb_RHSA-2008_0886-01_libxml2.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0886-01 centos2 i386 File : nvt/gb_CESA-2008_0886-01_libxml2_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0884 centos3 x86_64 File : nvt/gb_CESA-2008_0884_libxml2_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libxml2 CESA-2008:0884 centos3 i386 File : nvt/gb_CESA-2008_0884_libxml2_centos3_i386.nasl |
2008-12-03 | Name : Gentoo Security Advisory GLSA 200812-06 (libxml2) File : nvt/glsa_200812_06.nasl |
2008-11-01 | Name : FreeBSD Ports: libxml2 File : nvt/freebsd_libxml20.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1654-1 (libxml2) File : nvt/deb_1654_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73175 | jabberd14 Entity Expansion Recursion XML Nested Entity Handling DoS jabberd14 fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
73174 | jabberd2 Entity Expansion Recursion XML Nested Entity Handling DoS jabberd2 fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
73173 | citadel Entity Expansion Recursion XML Nested Entity Handling DoS citadel fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
73172 | Prosody Entity Expansion Recursion XML Nested Entity Handling DoS Prosody fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
73171 | LuaExpat Entity Expansion Recursion XML Nested Entity Handling DoS LuaExpat fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
73170 | ejabberd Entity Expansion Recursion XML Nested Entity Handling DoS ejabberd fails to properly detect recursion during entity expansion, allowing a context-dependent attacker to use a crafted XML document to cause a denial of service. |
48158 | libxml2 parser.c xmlParseAttValueComplex Function XML Entity Name Handling DoS |
48157 | libxml2 Entity Expansion Recursion XML Nested Entity Handling DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | libxml2 file processing long entity overflow attempt RuleID : 15866 - Revision : 16 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0884.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127680-07 File : solaris8_127680.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123924-11 File : solaris10_x86_123924.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127681-07 File : solaris9_127681.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 123922-11 File : solaris9_x86_123922.nasl - Type : ACT_GATHER_INFO |
2013-07-03 | Name : The remote host is missing Sun Security Patch number 127682-07 File : solaris9_x86_127682.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0882.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0881.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080911_libxml2_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-06-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_01d3ab7d9c4311e0bc0f0014a5e3cda6.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-314.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12237.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-221.nasl - Type : ACT_GATHER_INFO |
2009-08-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-815-1.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2008-0017.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libxml2-080905.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2009-06-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-131.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_3_2_3.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris10_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-644-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris9_x86_120955.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123921-12 File : solaris9_123921.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris9_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123920-12 File : solaris8_123920.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris8_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-192.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris10_120954.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote host is missing Sun Security Patch number 123923-12 File : solaris10_123923.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-06.nasl - Type : ACT_GATHER_INFO |
2008-10-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1654.nasl - Type : ACT_GATHER_INFO |
2008-10-15 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d71da2369a9411dd8f42001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-09-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libxml2-5583.nasl - Type : ACT_GATHER_INFO |
2008-09-15 | Name : The remote openSUSE host is missing a security update. File : suse_libxml2-5586.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0886.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0884.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0884.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote host is missing Sun Security Patch number 125731-13 File : solaris10_125731.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote host is missing Sun Security Patch number 125732-13 File : solaris10_x86_125732.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris10_x86_119467.nasl - Type : ACT_GATHER_INFO |
2006-11-20 | Name : The remote host is missing Sun Security Patch number 123919-12 File : solaris7_123919.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119467-17 File : solaris9_x86_119467.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 114015-28 File : solaris9_x86_114015.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 114014-28 File : solaris9_114014.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:58 |
|