FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
BID:10041
Info
FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
| Bugtraq ID: | 10041 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2003-0648 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 04 2004 12:00AM |
| Updated: | Jul 12 2009 04:06AM |
| Credit: | Discovery of these issues are credited to Steve Kemp and Jaguar. |
| Vulnerable: |
fte text editor 0.49.13 |
| Not Vulnerable: | |
Discussion
FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
It has been reported that vfte is prone to multiple unspecified buffer overflow vulnerabilities. These issues are due to a failure of the application to verify buffer boundaries while processing user supplied input.
Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system with root privileges, as this application is setuid root.
It has been reported that vfte is prone to multiple unspecified buffer overflow vulnerabilities. These issues are due to a failure of the application to verify buffer boundaries while processing user supplied input.
Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system with root privileges, as this application is setuid root.
Exploit / POC
FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
Solution:
Debian has released advisory DSA 472-1 dealing with this issue. Please see the referenced advisory for more information.
fte text editor 0.49.13
Solution:
Debian has released advisory DSA 472-1 dealing with this issue. Please see the referenced advisory for more information.
fte text editor 0.49.13
-
Debian fte-console_0.49.13-15woody1_alpha.deb
Alpha Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_alpha.deb -
Debian fte-console_0.49.13-15woody1_arm.deb
ARM Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_arm.deb -
Debian fte-console_0.49.13-15woody1_hppa.deb
HP Precision Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_hppa.deb -
Debian fte-console_0.49.13-15woody1_i386.deb
IA-32 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_i386.deb -
Debian fte-console_0.49.13-15woody1_ia64.deb
IA-64 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_ia64.deb -
Debian fte-console_0.49.13-15woody1_m68k.deb
Motorola 680x0 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_m68k.deb -
Debian fte-console_0.49.13-15woody1_mips.deb
Big Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_mips.deb -
Debian fte-console_0.49.13-15woody1_mipsel.deb
Little Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_mipsel.deb -
Debian fte-console_0.49.13-15woody1_powerpc.deb
PowerPC Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_powerpc.deb -
Debian fte-console_0.49.13-15woody1_s390.deb
IBM S/390 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_s390.deb -
Debian fte-console_0.49.13-15woody1_sparc.deb
Sun Sparc Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-console_0.49.13 -15woody1_sparc.deb -
Debian fte-docs_0.49.13-15woody1_alpha.deb
Alpha Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_alpha.deb -
Debian fte-docs_0.49.13-15woody1_arm.deb
ARM Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_arm.deb -
Debian fte-docs_0.49.13-15woody1_hppa.deb
HP Precision Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_hppa.deb -
Debian fte-docs_0.49.13-15woody1_i386.deb
IA-32 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_i386.deb -
Debian fte-docs_0.49.13-15woody1_ia64.deb
IA-64 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_ia64.deb -
Debian fte-docs_0.49.13-15woody1_m68k.deb
Motorola 680x0 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_m68k.deb -
Debian fte-docs_0.49.13-15woody1_mips.deb
Big Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_mips.deb -
Debian fte-docs_0.49.13-15woody1_mipsel.deb
Little Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_mipsel.deb -
Debian fte-docs_0.49.13-15woody1_powerpc.deb
PowerPC Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_powerpc.deb -
Debian fte-docs_0.49.13-15woody1_s390.deb
IBM S/390 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_s390.deb -
Debian fte-docs_0.49.13-15woody1_sparc.deb
Sun Sparc Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-docs_0.49.13-15 woody1_sparc.deb -
Debian fte-terminal_0.49.13-15woody1_alpha.deb
Alpha Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_alpha.deb -
Debian fte-terminal_0.49.13-15woody1_arm.deb
ARM Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_arm.deb -
Debian fte-terminal_0.49.13-15woody1_hppa.deb
HP Precision Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_hppa.deb -
Debian fte-terminal_0.49.13-15woody1_i386.deb
IA-32 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_i386.deb -
Debian fte-terminal_0.49.13-15woody1_ia64.deb
IA-64 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_ia64.deb -
Debian fte-terminal_0.49.13-15woody1_m68k.deb
Motorola 680x0 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_m68k.deb -
Debian fte-terminal_0.49.13-15woody1_mips.deb
Big Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_mips.deb -
Debian fte-terminal_0.49.13-15woody1_mipsel.deb
Little Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_mipsel.deb -
Debian fte-terminal_0.49.13-15woody1_powerpc.deb
PowerPC Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_powerpc.deb -
Debian fte-terminal_0.49.13-15woody1_s390.deb
IBM S/390 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_s390.deb -
Debian fte-terminal_0.49.13-15woody1_sparc.deb
Sun Sparc Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-terminal_0.49.1 3-15woody1_sparc.deb -
Debian fte-xwindow_0.49.13-15woody1_alpha.deb
Alpha Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_alpha.deb -
Debian fte-xwindow_0.49.13-15woody1_arm.deb
ARM Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_arm.deb -
Debian fte-xwindow_0.49.13-15woody1_hppa.deb
HP Precision Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_hppa.deb -
Debian fte-xwindow_0.49.13-15woody1_i386.deb
IA-32 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_i386.deb -
Debian fte-xwindow_0.49.13-15woody1_ia64.deb
IA-64 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_ia64.deb -
Debian fte-xwindow_0.49.13-15woody1_m68k.deb
Motorola 680x0 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_m68k.deb -
Debian fte-xwindow_0.49.13-15woody1_mips.deb
Big Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_mips.deb -
Debian fte-xwindow_0.49.13-15woody1_mipsel.deb
Little Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_mipsel.deb -
Debian fte-xwindow_0.49.13-15woody1_powerpc.deb
PowerPC Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_powerpc.deb -
Debian fte-xwindow_0.49.13-15woody1_s390.deb
IBM S/390 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_s390.deb -
Debian fte-xwindow_0.49.13-15woody1_sparc.deb
Sun Sparc Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte-xwindow_0.49.13 -15woody1_sparc.deb -
Debian fte_0.49.13-15woody1_alpha.deb
Alpha Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_alpha.deb -
Debian fte_0.49.13-15woody1_arm.deb
ARM Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_arm.deb -
Debian fte_0.49.13-15woody1_hppa.deb
HP Precision Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_hppa.deb -
Debian fte_0.49.13-15woody1_i386.deb
IA-32 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_i386.deb -
Debian fte_0.49.13-15woody1_ia64.deb
IA-64 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_ia64.deb -
Debian fte_0.49.13-15woody1_m68k.deb
Motorola 680x0 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_m68k.deb -
Debian fte_0.49.13-15woody1_mips.deb
Big Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_mips.deb -
Debian fte_0.49.13-15woody1_mipsel.deb
Little Endian MIPS Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_mipsel.deb -
Debian fte_0.49.13-15woody1_powerpc.deb
PowerPC Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_powerpc.deb -
Debian fte_0.49.13-15woody1_s390.deb
IBM S/390 Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_s390.deb -
Debian fte_0.49.13-15woody1_sparc.deb
Sun Sparc Architecture:
http://security.debian.org/pool/updates/main/f/fte/fte_0.49.13-15woody 1_sparc.deb
References
FTE Multiple Local Unspecified Buffer Overflow Vulnerabilities
References:
References: