Secunia Security Advisory - Some vulnerabilities have been reported in fsplib, which can potentially be exploited by malicious people to compromise an application using the library.
----------------------------------------------------------------------
Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now
available:
http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.
----------------------------------------------------------------------
TITLE:
fsplib Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA26184
VERIFY ADVISORY:
http://secunia.com/advisories/26184/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
fsplib 0.x
http://secunia.com/product/14856/
DESCRIPTION:
Some vulnerabilities have been reported in fsplib, which can
potentially be exploited by malicious people to compromise an
application using the library.
1) A boundary error exists in the processing of file names in
fsp_readdir_native, which can be exploited to cause a stack-based
buffer overflow if the defined MAXNAMLEN is bigger than 256.
2) A boundary error exists in the processing of directory entries in
fsp_readdir, which can be exploited to cause a stack-based buffer
overflow on systems with an insufficient size allocated for the
d_name field of directory entries.
Successful exploitation may allow execution of arbitrary code.
NOTE: The fsp_readdir_r function does not properly NULL terminate the
destination buffer when processing filenames that have MAXNAMLEN
characters.
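The three issues above share one root cause: a file name of attacker-chosen length, received from the network, is copied into a fixed-size stack buffer whose size (256, or the size of d_name) is not checked against the name's length, and in the fsp_readdir_r case the copy does not guarantee a terminating NUL. The following added example is not fsplib code; it uses a hypothetical 32-byte destination (DEMO_NAME_BUF) to stand in for the real buffers. It shows a bounded copy routine that rejects overlong names and always terminates the destination, next to a small probe that reproduces the strncpy non-termination pitfall the NOTE describes without itself overflowing anything.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical destination size, chosen for this demo. It stands in for
 * the 256-byte name buffer or the d_name field from the advisory; it is
 * not a value taken from fsplib. */
#define DEMO_NAME_BUF 32

/* Hardened copy of a network-supplied file name into a fixed-size buffer.
 * Rejects any name that would not fit together with its terminating NUL
 * and always leaves dst terminated. Returns 0 on success, -1 on reject. */
int copy_name_bounded(char *dst, size_t dstsz, const char *src, size_t srclen)
{
    if (dstsz == 0)
        return -1;
    if (srclen >= dstsz) {          /* no room for name + '\0' */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, srclen);
    dst[srclen] = '\0';
    return 0;
}

/* Convenience wrapper: copies src into a DEMO_NAME_BUF-sized local buffer
 * and returns the resulting string length, or -1 if the name was rejected. */
int copy_name_demo(const char *src, size_t srclen)
{
    char dst[DEMO_NAME_BUF];
    if (copy_name_bounded(dst, sizeof dst, src, srclen) != 0)
        return -1;
    return (int)strlen(dst);
}

/* Reproduces the strncpy pitfall from the advisory's NOTE: when the source
 * is exactly as long as the destination, strncpy writes no terminator.
 * Returns 1 if the destination is left unterminated, 0 otherwise. namelen
 * is capped at DEMO_NAME_BUF so this probe never writes out of bounds. */
int strncpy_leaves_unterminated(size_t namelen)
{
    char name[DEMO_NAME_BUF + 1];
    char dst[DEMO_NAME_BUF];

    if (namelen > DEMO_NAME_BUF)
        namelen = DEMO_NAME_BUF;
    memset(name, 'a', namelen);
    name[namelen] = '\0';

    memset(dst, 'X', sizeof dst);   /* make a missing NUL observable */
    strncpy(dst, name, sizeof dst);
    return memchr(dst, '\0', sizeof dst) == NULL;
}

int main(void)
{
    /* Constructed sample names: one that fits, one that does not. */
    const char *ok = "README";
    char longname[DEMO_NAME_BUF + 8];
    memset(longname, 'b', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';

    printf("short name -> length %d\n", copy_name_demo(ok, strlen(ok)));
    printf("overlong name -> %d (rejected)\n",
           copy_name_demo(longname, strlen(longname)));
    printf("strncpy with a %d-byte name left unterminated: %d\n",
           DEMO_NAME_BUF, strncpy_leaves_unterminated(DEMO_NAME_BUF));
    return 0;
}
```

The check `srclen >= dstsz` is the one that both fsp_readdir_native and fsp_readdir are missing in the affected versions: it must compare the name length against the actual destination size, not against a compile-time constant such as MAXNAMLEN that may differ from the buffer's size on a given platform. Writing the terminator explicitly after memcpy, rather than relying on strncpy, is what removes the non-termination case.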
SOLUTION:
Update to version 0.9.
http://sourceforge.net/project/showfiles.php?group_id=93841&package_id=139615&release_id=526638
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Kalle Olavi Niemitalo.
ORIGINAL ADVISORY:
http://fsp.cvs.sourceforge.net/fsp/fsplib/ChangeLog?revision=1.17&view=markup
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches; only
use those supplied by the vendor.
----------------------------------------------------------------------