Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA27543] PCRE Multiple Vulnerabilities



> ----------------------------------------------------------------------
>
> TITLE:
> PCRE Multiple Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA27543
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/27543/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> Exposure of sensitive information, DoS, System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> PCRE 7.x
> http://secunia.com/product/13118/
> PCRE 6.x
> http://secunia.com/product/5569/
>
> DESCRIPTION:
> Some vulnerabilities have been reported in PCRE, which can be
> exploited by malicious people to cause a DoS (Denial of Service),
> disclose sensitive information, or potentially compromise an
> application using the library.
>
> 1) An error exists in the processing of "\Q\E" sequences with orphan
> "\E" codes. This can be exploited to desynchronize the compiled
> regular expression and execute corrupted bytecode.
>
> 2) An error in the processing of multiple unspecified character
> classes can be exploited to trigger an insufficient memory
> allocation.
>
> 3) An error exists in the processing of multiple "\X?\d" and
> "\P{L}?\d" patterns in non-UTF-8 mode. This can be exploited to crash
> an affected process or to disclose restricted memory.
>
> 4) An error exists in multiple unspecified routines when searching
> for unmatched brackets or parentheses. This can be exploited to crash
> an affected application via a specially crafted string.
>
> 5) Some integer overflow errors when processing escape sequences can
> be exploited to crash an affected application or potentially cause
> heap-based buffer overflows.
>
> 6) Some errors exist in the processing of "\P" and "\P{x}" sequences.
> This can be exploited to cause heap-based buffer overflows or trigger
> the execution of infinite loops.
>
> 7) An error in the optimization of character classes containing a
> lone unicode sequence can be exploited to cause a heap-based buffer
> overflow.
>
> The vulnerabilities are reported in versions prior to 7.3.
>
> SOLUTION:
> Update to version 7.3 or later.
>
> PROVIDED AND/OR DISCOVERED BY:
> Debian credits Tavis Ormandy, Google Security Team
>
> ORIGINAL ADVISORY:
> http://lists.debian.org/debian-security-announce/debian-securi
> ty-announce-2007/msg00177.html
>



 




Copyright © Lexa Software, 1996-2009.