Lucene search

FreeBSD97EDF5AB-B319-11D9-837D-000E0C2E438A

HistoryApr 13, 2005 - 12:00 a.m.

junkbuster -- heap corruption vulnerability and configuration modification vulnerability

2005-04-1300:00:00

vuxml.freebsd.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.078

Percentile

94.2%

JSON

A Debian advisory reports:

James Ranson discovered that an attacker can modify the
referrer setting with a carefully crafted URL by accidently
overwriting a global variable.
Tavis Ormandy from the Gentoo Security Team discovered
several heap corruptions due to inconsistent use of an
internal function that can crash the daemon or possibly
lead to the execution of arbitrary code.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjunkbuster< 2.0.2_3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	junkbuster	< 2.0.2_3	UNKNOWN

References

www.debian.org/security/2005/dsa-713

www.gentoo.org/security/en/glsa/glsa-200504-11.xml

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.078

Percentile

94.2%

JSON

Related for 97EDF5AB-B319-11D9-837D-000E0C2E438A