
Bug 131273

Summary: net-analyzer/libnasl: DoS because of buffer overflow (not exploitable for code execution)
Product: Gentoo Security
Reporter: Raphael Marichez (Falco) (RETIRED) <falco>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED INVALID
Severity: minor
CC: jaervosz, netmon
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://archives.neohapsis.com/archives/bugtraq/2006-04/att-0519/os2a_1005.txt
Whiteboard: B3 [upstream]
Package list:
Runtime testing required: ---

Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-04-25 14:38:24 UTC
From: http://archives.neohapsis.com/archives/bugtraq/2006-04/att-0519/os2a_1005.txt
--------------------------
Description:
--------------
A buffer overflow vulnerability exists in the implementation of the split()
function in NASL.

Impact:
--------
This causes nasl to consume a large amount of CPU and memory resources
and stop responding. Execution of arbitrary commands on the vulnerable 
host may be possible.

To exploit this, an attacker needs to have the ability to execute nasl
scripts using the 'nasl' command.

Affected Software(s):
---------------------
Nessus 3.0.2 and prior
Nessus 2.2.7 and prior
(...)


-----------------------

and from http://archives.neohapsis.com/archives/bugtraq/2006-04/0526.html :

Contrary to what the full advisory hints, this issue is NOT
exploitable.
(understand: not exploitable to execute arbitrary code, see http://archives.neohapsis.com/archives/bugtraq/2006-04/0524.html )


A patch is provided in http://archives.neohapsis.com/archives/bugtraq/2006-04/att-0519/os2a_1005.txt

Could you please check the patch and then provide a patched ebuild.
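The advisory above says only that NASL's split() overflows a buffer and that the result is resource exhaustion rather than code execution; it gives no detail of the real code. As an added illustration of the mitigation class, not NASL's or Nessus's code, the hypothetical `bounded_split()` below shows what a tokenizer with explicit limits looks like: every token is copied into a fixed-size slot, and both the token length and the token count are checked before writing, so oversized input is refused with an error instead of overrunning the table or growing without bound. `TOK_SIZE`, the slot layout and the return convention are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical constant for this example: bytes per token slot,
 * including the terminating NUL. */
#define TOK_SIZE 64

/* Split `in` on the single character `sep` into caller-owned slots
 * out[0..max_tokens-1], each TOK_SIZE bytes.  Returns the number of
 * tokens written, or -1 if the input does not fit.  Both limits are
 * checked *before* any copy, so a hostile input can neither overflow a
 * slot nor write past the end of the table (the failure mode behind the
 * DoS described in the report).  Empty tokens are preserved. */
int bounded_split(const char *in, char sep,
                  char out[][TOK_SIZE], size_t max_tokens)
{
    size_t ntok = 0;
    const char *start = in;

    for (;;) {
        const char *end = strchr(start, sep);
        size_t len = end ? (size_t)(end - start) : strlen(start);

        if (ntok >= max_tokens)   /* table full: refuse, don't overrun */
            return -1;
        if (len >= TOK_SIZE)      /* token would not fit with its NUL */
            return -1;

        memcpy(out[ntok], start, len);
        out[ntok][len] = '\0';
        ntok++;

        if (!end)                 /* last token consumed */
            break;
        start = end + 1;
    }
    return (int)ntok;
}

/* Stand-alone demo on constructed input. */
int main(void)
{
    char toks[4][TOK_SIZE];
    int n = bounded_split("alpha,beta,gamma", ',', toks, 4);
    for (int i = 0; i < n; i++)
        printf("token %d: \"%s\"\n", i, toks[i]);

    /* Five tokens into a four-slot table is rejected, not overrun. */
    if (bounded_split("a,b,c,d,e", ',', toks, 4) < 0)
        printf("rejected: too many tokens\n");
    return 0;
}
```

Returning an error and leaving the caller to decide (abort the script, log the event) is the design choice here; silently truncating would hide exactly the kind of malformed input an analyst would want to see in a scanner's logs.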
Comment 1 Marcelo Goes (RETIRED) gentoo-dev 2006-04-25 15:37:46 UTC
I'd rather wait for an upstream release - it looks like Renaud Deraison is aware of the issue...
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2006-04-28 11:06:35 UTC
Setting to upstream until Renaud comes up with a fixed version
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2006-05-09 10:21:31 UTC
*** Bug 132352 has been marked as a duplicate of this bug. ***
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2006-05-09 10:22:26 UTC
Rereading, this one is really sucky. I would just RESOLVED/INVALIDate it.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-05-09 13:19:52 UTC
I agree with Koon and closing as invalid. Feel free to reopen if you disagree.
Comment 6 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-09 13:28:24 UTC
OK :)

jaervosz was just here a few minutes before me