NetBSD KTRUser Integer Overflow Vulnerability
BID:22878
Info
| Bugtraq ID: | 22878 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-1273 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 08 2007 12:00AM |
| Updated: | Mar 08 2007 12:00AM |
| Credit: | Christer Oberg of BitSec discovered and reported this issue. |
| Vulnerable: | NetBSD NetBSD 3.0.1; NetBSD NetBSD 2.1; NetBSD NetBSD 2.0.3; NetBSD NetBSD 2.0.2; NetBSD NetBSD 2.0.1; NetBSD NetBSD 2.0; NetBSD NetBSD 4.0; NetBSD NetBSD 2.0.4; Navision Financials Server 3.0 |
| Not Vulnerable: | |
Discussion
NetBSD is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data.
An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions.
NetBSD 4.0-current and prior versions are affected.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Solution:
The vendor fixed this issue in the current release, as of October 22, 2006. Please see the referenced advisories for more information.
References
References:
- NetBSD Homepage (NetBSD)
- NetBSD-SA2007-001: NetBSD Security Advisory 2007-001 (NetBSD)