usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
BID:51573
Info
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
| Bugtraq ID: | 51573 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-0065 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 19 2012 12:00AM |
| Updated: | Apr 13 2015 09:28PM |
| Credit: | rigan |
| Vulnerable: |
Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Nikias Bassen usbmuxd 1.0.7 Nikias Bassen usbmuxd 1.0.6 Nikias Bassen usbmuxd 1.0.5 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Business Server 1 X86 64 Mandriva Business Server 1 Gentoo Linux |
| Not Vulnerable: | |
Discussion
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
usbmuxd is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
Attackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
usbmuxd is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
Attackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Exploit / POC
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Business Server 1 X86 64
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
-
Mandriva lib64usbmuxd-devel-1.0.7-1.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64usbmuxd1-1.0.7-1.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva usbmuxd-1.0.7-1.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2011
-
Mandriva libusbmuxd-devel-1.0.7-1.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libusbmuxd1-1.0.7-1.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva usbmuxd-1.0.7-1.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/
Mandriva Business Server 1 X86 64
-
Mandriva lib64usbmuxd-devel-1.0.7-3.1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64usbmuxd1-1.0.7-3.1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva usbmuxd-1.0.7-3.1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/
References
usbmuxd 'libusbmuxd/libusbmuxd.c' Heap Based Buffer Overflow Vulnerability
References:
References:
- Fix possible buffer overflow (Nikias Bassen)
- usbmuxd Homepage (Nikias Bassen)