346501 – (CVE-2009-5018) <media-gfx/gif2png-2.5.1-r1: Command Line Stack Overflow (CVE-2009-5018)

Bug 346501 (CVE-2009-5018) - <media-gfx/gif2png-2.5.1-r1: Command Line Stack Overflow (CVE-2009-5018)

Summary: <media-gfx/gif2png-2.5.1-r1: Command Line Stack Overflow (CVE-2009-5018)

Status:	RESOLVED FIXED

Alias:	CVE-2009-5018

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal
Assignee:	Gentoo Security

URL:	http://bugs.debian.org/cgi-bin/bugrep...
Whiteboard:	B2 [glsa]
Keywords:

Duplicates (1):	374641 (view as bug list)
Depends on:
Blocks:

Reported:	2010-11-23 05:45 UTC by Tim Sammut (RETIRED)
Modified:	2011-07-11 01:40 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tim Sammut (RETIRED) gentoo-dev

2010-11-23 05:45:06 UTC

From the Secunia advisory at http://secunia.com/advisories/42339/: 

DESCRIPTION:
Fedora has issued an update for gif2png. This fixes a vulnerability,
which can be exploited by malicious people to potentially compromise
a vulnerable system.

The vulnerability is caused due to a boundary error when processing
overly long command line arguments. This can be exploited to e.g.
cause a stack-based buffer overflow by passing specially crafted
filenames to the application.


There is a patch at http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup.

If I read the patch correctly, upstream's 2.5.3 is still vulnerable.

Comment 1 Tim Sammut (RETIRED) gentoo-dev

2010-11-23 05:46:40 UTC

Rating B2 since there appears to be many web applications using this app; and [ebuild] since we have a patch for 2.5.3.

Comment 2 Markus Meier gentoo-dev

2010-12-03 09:41:58 UTC

*gif2png-2.5.1-r1 (03 Dec 2010)

  03 Dec 2010; Markus Meier <maekke@gentoo.org> +gif2png-2.5.1-r1.ebuild,
  +files/gif2png-2.5.1-overflow.patch:
  fix overflow bug #346501

Comment 3 Tim Sammut (RETIRED) gentoo-dev

2010-12-03 14:40:31 UTC

Arches, please test and mark stable:
=media-gfx/gif2png-2.5.1-r1
Target keywords : "amd64 ppc ppc64 sparc x86"

Comment 4 David Abbott (RETIRED) gentoo-dev

2010-12-03 21:42:37 UTC

Archtested on x86: Everything fine

Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2010-12-04 09:39:36 UTC

x86 stable, thanks David

Comment 6 Raúl Porcel (RETIRED) gentoo-dev

2010-12-04 17:30:17 UTC

sparc stable

Comment 7 Agostino Sarubbo gentoo-dev

2010-12-04 19:32:09 UTC

amd64 ok

Comment 8 Markos Chandras (RETIRED) gentoo-dev

2010-12-05 16:18:42 UTC

amd64 done. Thanks Agostino

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2010-12-08 16:48:57 UTC

Stable for PPC.

Comment 10 Brent Baude (RETIRED) gentoo-dev

2010-12-10 19:40:04 UTC

ppc64 done

Comment 11 Tim Sammut (RETIRED) gentoo-dev

2010-12-10 20:36:28 UTC

GLSA Request filed.

Comment 12 Tim Sammut (RETIRED) gentoo-dev

2011-01-05 04:31:38 UTC

Thanks, folks. This is GLSA 201101-01.

http://www.gentoo.org/security/en/glsa/glsa-201101-01.xml

Comment 13 Tim Sammut (RETIRED) gentoo-dev

2011-07-11 01:40:47 UTC

*** Bug 374641 has been marked as a duplicate of this bug. ***