FreeBSD Bugzilla – Attachment 157387 Details for
Bug 200250
[patch] [security] sysutils/testdisk - multiple vulnerabilities
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
security/vuxml entry for testdisk
testdisk-vuxml.diff (text/plain), 2.08 KB, created by
Jason Unovitch
on 2015-06-03 00:45:15 UTC
(
hide
)
Description:
security/vuxml entry for testdisk
Filename:
MIME Type:
Creator:
Jason Unovitch
Created:
2015-06-03 00:45:15 UTC
Size:
2.08 KB
patch
obsolete
>Index: security/vuxml/vuln.xml >=================================================================== >--- security/vuxml/vuln.xml (revision 388392) >+++ security/vuxml/vuln.xml (working copy) >@@ -57,6 +57,46 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="c67069dc-0986-11e5-bb90-002590263bf5"> >+ <topic>testdisk -- buffer overflow with malicious disk image</topic> >+ <affects> >+ <package> >+ <name>testdisk</name> >+ <range><lt>7.0</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>CGSecurity TestDisk Changelog reports:</p> >+ <blockquote cite="http://www.cgsecurity.org/wiki/TestDisk_7.0_Release"> >+ <p>Various fix including security fix, thanks to:</p> >+ <ul> >+ <li><p>Coverity scan (Static Analysis of source code)</p></li> >+ <li><p>afl-fuzz (security-oriented fuzzer).</p></li> >+ <li><p>Denis Andzakovic from Security Assessment for reporting an >+ exploitable Stack Buffer Overflow.</p></li> >+ </ul> >+ </blockquote> >+ <p>Denis Andzakovic reports:</p> >+ <blockquote cite="http://www.security-assessment.com/files/documents/advisory/Testdisk%20Check_OS2MB%20Stack%20Buffer%20Overflow%20-%20Release.pdf"> >+ <p>A buffer overflow is triggered within the software when a malicious >+ disk image is attempted to be recovered. This may be leveraged by an >+ attacker to crash TestDisk and gain control of program execution. An >+ attacker would have to coerce the victim to run TestDisk against >+ their malicious image.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>http://www.cgsecurity.org/wiki/TestDisk_7.0_Release</url> >+ <url>http://www.security-assessment.com/files/documents/advisory/Testdisk%20Check_OS2MB%20Stack%20Buffer%20Overflow%20-%20Release.pdf</url> >+ </references> >+ <dates> >+ <discovery>2015-04-30</discovery> >+ <entry>2015-06-03</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="bbc0db92-084c-11e5-bb90-002590263bf5"> > <topic>hostapd and wpa_supplicant -- multiple vulnerabilities</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=157387">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 200250
:
157232
|
157361
| 157387