xboing Local Buffer Overflow Vulnerabilities
BID:9764
Info
xboing Local Buffer Overflow Vulnerabilities
| Bugtraq ID: | 9764 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-0149 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 27 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery is credited to Steve Kemp. |
| Vulnerable: |
xboing xboing 2.4 |
| Not Vulnerable: | |
Discussion
xboing Local Buffer Overflow Vulnerabilities
xboing is prone to multiple buffer overflows that could be exploited to allow a local user to elevate their privileges.
xboing is prone to multiple buffer overflows that could be exploited to allow a local user to elevate their privileges.
Exploit / POC
xboing Local Buffer Overflow Vulnerabilities
This vulnerability and other local evironment vulnerabilities can be exploited using env-overflow. See the References section for a link to this utility.
This vulnerability and other local evironment vulnerabilities can be exploited using env-overflow. See the References section for a link to this utility.
Solution / Fix
xboing Local Buffer Overflow Vulnerabilities
Solution:
Debian has released an advisory (DSA 451-1) and fixes to address this issue. See the referenced advisory for links to fixes.
xboing xboing 2.4
Solution:
Debian has released an advisory (DSA 451-1) and fixes to address this issue. See the referenced advisory for links to fixes.
xboing xboing 2.4
-
Debian xboing_2.4-26woody1_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_alpha.deb -
Debian xboing_2.4-26woody1_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_arm.deb -
Debian xboing_2.4-26woody1_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_hppa.deb -
Debian xboing_2.4-26woody1_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_i386.deb -
Debian xboing_2.4-26woody1_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_ia64.deb -
Debian xboing_2.4-26woody1_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_m68k.deb -
Debian xboing_2.4-26woody1_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_mips.deb -
Debian xboing_2.4-26woody1_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_mipsel.deb -
Debian xboing_2.4-26woody1_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_powerpc.deb -
Debian xboing_2.4-26woody1_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_s390.deb -
Debian xboing_2.4-26woody1_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/x/xboing/xboing_2.4-26woo dy1_sparc.deb
References
xboing Local Buffer Overflow Vulnerabilities
References:
References:
- Generic Buffer Overflow Attacks (Steve.org.uk)
- Re: [SECURITY] [DSA 451-1] New xboing packages fix buffer overflows (Steve Kemp