nessus · This script is Copyright (C) 2008-2021 Tenable Network Security, Inc. · GENTOO_GLSA-200803-20.NASL
HistoryMar 13, 2008 - 12:00 a.m.

GLSA-200803-20 : International Components for Unicode: Multiple vulnerabilities

2008-03-13 00:00:00
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.
www.tenable.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.008

Percentile

81.3%

The remote host is affected by the vulnerability described in GLSA-200803-20 (International Components for Unicode: Multiple vulnerabilities)

Will Drewry (Google Security) reported a vulnerability in the regular expression engine when using back references to capture \0 characters (CVE-2007-4770). He also found that the backtracking stack size is not limited, possibly allowing for a heap-based buffer overflow (CVE-2007-4771).

Impact :

A remote attacker could submit specially crafted regular expressions to an application using the library, possibly resulting in a Denial of Service or in the remote execution of arbitrary code with the privileges of the user running the application.

Workaround :

There is no known workaround at this time.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200803-20.
#
# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration pass: when 'description' is set, this block only declares the
# plugin's metadata and then exits. No host data is examined in this branch.
if (description)
{
  # Plugin identity and revision metadata.
  script_id(31446);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  # Cross-references: the two CVEs named in the advisory text below and the
  # Gentoo advisory id they were published under.
  script_cve_id("CVE-2007-4770", "CVE-2007-4771");
  script_xref(name:"GLSA", value:"200803-20");

  # Human-readable title and a one-line statement of how the check works:
  # it looks at the installed-package database, not at a running service.
  script_name(english:"GLSA-200803-20 : International Components for Unicode: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  # Advisory text (per the file header, extracted from the Gentoo advisory).
  # It names untrusted regular expressions handed to the library as the
  # attack input.
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200803-20
(International Components for Unicode: Multiple vulnerabilities)

    Will Drewry (Google Security) reported a vulnerability in the regular
    expression engine when using back references to capture \\0 characters
    (CVE-2007-4770). He also found that the backtracking stack size is not
    limited, possibly allowing for a heap-based buffer overflow
    (CVE-2007-4771).
  
Impact :

    A remote attacker could submit specially crafted regular expressions to
    an application using the library, possibly resulting in the remote
    execution of arbitrary code with the privileges of the user running the
    application or a Denial of Service.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200803-20"
  );
  # Remediation: upgrade dev-libs/icu to 3.8.1-r1 or later. The advisory
  # text above states that no workaround is known.
  script_set_attribute(
    attribute:"solution", 
    value:
"All International Components for Unicode users should upgrade to the
    latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=dev-libs/icu-3.8.1-r1'"
  );
  # CVSS v2 base vector: network access vector, medium access complexity, no
  # authentication, complete confidentiality/integrity/availability impact.
  # Temporal vector: unproven exploit (E:U), official fix available (RL:OF),
  # confirmed report confidence (RC:C).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  # Exploit-availability fields as recorded by the plugin. They are a
  # point-in-time statement, not evidence that the flaws cannot be exploited.
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # CWE-399: Resource Management Errors.
  script_cwe_id(399);

  # NOTE(review): "local" presumably means the verdict is derived from data
  # collected on the host rather than from probing a network service; this is
  # consistent with the knowledge-base keys required below. Confirm.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:icu");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/03/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  # Declares ssh_get_info.nasl as a dependency and lists the knowledge-base
  # keys the plugin requires. Presumably the dependency populates those keys
  # from an authenticated session - verify. Without them there is no package
  # list to compare, so an absent finding from an uncredentialed scan should
  # not be read as "patched".
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  # Metadata registered; stop here so the check logic below is not run.
  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

# Preconditions. Each knowledge-base entry below must be present; if one is
# missing the script hands the matching reason code to audit() and reports
# nothing about the package.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}
if (!get_kb_item("Host/Gentoo/release"))
{
  audit(AUDIT_OS_NOT, "Gentoo");
}
if (!get_kb_item("Host/Gentoo/qpkg-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Version comparison for dev-libs/icu.
#   vulnerable : anything below 3.8.1-r1
#   unaffected : 3.8.1-r1 or later, plus "rge 3.6-r2"
# NOTE(review): "rge" presumably means "revision greater than or equal" within
# the 3.6 series, i.e. a patched 3.6 build - confirm against qpkg.inc.
# The verdict rests on package metadata only. It does not show whether
# applications linked against the library were restarted after an upgrade.
if (qpkg_check(
      package:"dev-libs/icu",
      unaffected:make_list("ge 3.8.1-r1", "rge 3.6-r2"),
      vulnerable:make_list("lt 3.8.1-r1")))
{
  # Vulnerable package found: raise the finding on port 0. The package
  # report is attached only when report verbosity is above zero.
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}

# No vulnerable package matched. Separate "installed but not affected" from
# "not installed at all" so the audit trail explains the negative result.
tested = qpkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "International Components for Unicode");
}
Vendor | Product | Version | CPE
gentoo | linux | icu | p-cpe:/a:gentoo:linux:icu
gentoo | linux | | cpe:/o:gentoo:linux
