HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
BID:13584
Info
HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
| Bugtraq ID: | 13584 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-1545 |
| Remote: | Yes |
| Local: | No |
| Published: | May 10 2005 12:00AM |
| Updated: | Jul 12 2009 02:06PM |
| Credit: | Discovery is credited to Tavis Ormandy. |
| Vulnerable: |
HT Editor HT Editor 0.8 HT Editor HT Editor 0.5 |
| Not Vulnerable: | |
Discussion
HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
HT Editor is affected by an unspecified heap overflow vulnerability.
Specific details about this issue are not currently available. It is known that this vulnerability affects the ELF parser.
A successful attack may result in arbitrary code execution and allow the attacker to gain unauthorized access to the vulnerable computer.
HT Editor 0.8.0 and prior versions are affected by this issue.
HT Editor is affected by an unspecified heap overflow vulnerability.
Specific details about this issue are not currently available. It is known that this vulnerability affects the ELF parser.
A successful attack may result in arbitrary code execution and allow the attacker to gain unauthorized access to the vulnerable computer.
HT Editor 0.8.0 and prior versions are affected by this issue.
Exploit / POC
HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
Solution:
Gentoo has released advisory GLSA 200505-08 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:
emerge --sync
emerge --ask --oneshot --verbose ">=app-editors/hteditor-0.8.0-r2"
Debian Linux has released security advisory DSA 743-1 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Debian has released security advisory DSA 773-1 addressing several issues for their AMD64 port of the operating system. Please see the referenced
advisory for further information.
HT Editor HT Editor 0.5
HT Editor HT Editor 0.8
Solution:
Gentoo has released advisory GLSA 200505-08 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:
emerge --sync
emerge --ask --oneshot --verbose ">=app-editors/hteditor-0.8.0-r2"
Debian Linux has released security advisory DSA 743-1 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Debian has released security advisory DSA 773-1 addressing several issues for their AMD64 port of the operating system. Please see the referenced
advisory for further information.
HT Editor HT Editor 0.5
-
Debian ht_0.5.0-1woody4_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_alp ha.deb -
Debian ht_0.5.0-1woody4_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_arm .deb -
Debian ht_0.5.0-1woody4_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_i38 6.deb -
Debian ht_0.5.0-1woody4_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_ia6 4.deb -
Debian ht_0.5.0-1woody4_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_m68 k.deb -
Debian ht_0.5.0-1woody4_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_mip s.deb -
Debian ht_0.5.0-1woody4_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_mip sel.deb -
Debian ht_0.5.0-1woody4_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_pow erpc.deb -
Debian ht_0.5.0-1woody4_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_s39 0.deb -
Debian ht_0.5.0-1woody4_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/h/ht/ht_0.5.0-1woody4_spa rc.deb
HT Editor HT Editor 0.8
-
Debian ht_0.8.0-2sarge4_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/h/ht/ht_0.8.0-2sarge4_amd 64.deb
References
HT Editor ELF Parser Unspecified Remote Heap Overflow Vulnerability
References:
References:
- HT Editor Home Page (HT Editor)