exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2015-0247

Status Candidate

Overview

Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

Related Files

Gentoo Linux Security Advisory 201701-06
Posted Jan 2, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-6 - A heap-based buffer overflow in e2fsprogs might allow local attackers to execute arbitrary code. Versions less than 1.42.12 are affected.

tags | advisory, overflow, arbitrary, local
systems | linux, gentoo
advisories | CVE-2015-0247
MD5 | 68f01c6d8eb7ded679f17088dfc82c01
Mandriva Linux Security Advisory 2015-067
Posted Mar 27, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-067 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-0247, CVE-2015-1572
MD5 | 8e0debf37d0603266303cba08ff177d3
Ubuntu Security Notice USN-2507-1
Posted Feb 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2507-1 - Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted filesystem image to possibly execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2015-0247, CVE-2015-1572
MD5 | 13dbe764219c34a262d5d56c8323f55d
Debian Security Advisory 3166-1
Posted Feb 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3166-1 - Jose Duart of the Google Security Team discovered a buffer overflow in in e2fsprogs, a set of utilities for the ext2, ext3, and ext4 file systems. This issue can possibly lead to arbitrary code execution if a malicious device is plugged in, the system is configured to automatically mount it, and the mounting process chooses to run fsck on the device's malicious filesystem.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2015-0247, CVE-2015-1572
MD5 | abb18495ca42f1361840e9a9e29a0eca
Mandriva Linux Security Advisory 2015-045
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-045 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2015-0247
MD5 | 3e122b7dcd8cbe99b418a483273d4e7f
e2fsprogs Input Sanitization
Posted Feb 6, 2015
Authored by Andrea Barisani, Open Source CERT

The e2fsprogs package is a set of open source utilities for ext2, ext3 and ext4 filesytems. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. Versions prior to 1.42.12 are affected.

tags | advisory, overflow
advisories | CVE-2015-0247
MD5 | e869d40ab54c548d2ad978b7cd2d1ffb
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close