Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
BID:13190
Info
Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
| Bugtraq ID: | 13190 |
| Class: | Race Condition Error |
| CVE: |
CVE-2005-1125 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 15 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Discovery is credited to Overflow.pl. |
| Vulnerable: |
Avaya Labs Libsafe 2.0 -16 |
| Not Vulnerable: | |
Discussion
Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported that may allow Libsafe security failsafe mechanisms to be bypassed.
This vulnerability is due to a race condition that may be exposed when Libsafe is used with multi-threaded applications. The result is that Libsafe security features may be bypassed and an attack that would ordinarily be prevented may succeed. It should be noted that this is an implementation error in Libsafe that does not present a security risk unless there is a memory corruption vulnerability in a multi-threaded application on an affected computer.
This issue was reported in Libsafe 2.0-16. Other versions may also be affected.
Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported that may allow Libsafe security failsafe mechanisms to be bypassed.
This vulnerability is due to a race condition that may be exposed when Libsafe is used with multi-threaded applications. The result is that Libsafe security features may be bypassed and an attack that would ordinarily be prevented may succeed. It should be noted that this is an implementation error in Libsafe that does not present a security risk unless there is a memory corruption vulnerability in a multi-threaded application on an affected computer.
This issue was reported in Libsafe 2.0-16. Other versions may also be affected.
Exploit / POC
Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
A proof-of-concept was provided to demonstrate the issue. The proof-of-concept may need to be executed multiple times to successfully exploit the issue.
A proof-of-concept was provided to demonstrate the issue. The proof-of-concept may need to be executed multiple times to successfully exploit the issue.
Solution / Fix
Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Libsafe Multi-threaded Process Race Condition Security Bypass Weakness
References:
References:
- Libsafe Project Page (Avaya Labs)
- [Overflow.pl] Libsafe - Safety Check Bypass Vulnerability ("Overflow.pl"