FreeBSD : Exiv2 -- Multiple vulnerabilities (d49f86ab-d9c7-11eb-a200-00155d01f201)

high Nessus Plugin ID 151377

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Exiv2 teams reports :

Multiple vulnerabilities covering buffer overflows, out-of-bounds, read of uninitialized memory and denial of serivce. The heap overflow is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file.

Solution

Update the affected package.

See Also

https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm

https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5

https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj

https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2

https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr

https://github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p

https://github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v

https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj

https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jp9-m3fv-2vg9

http://www.nessus.org/u?062220b4

Plugin Details

Severity: High

ID: 151377

File Name: freebsd_pkg_d49f86abd9c711eba20000155d01f201.nasl

Version: 1.3

Type: local

Published: 7/6/2021

Updated: 12/11/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-29464

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:exiv2, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/30/2021

Vulnerability Publication Date: 4/25/2021

Reference Information

CVE: CVE-2021-29457, CVE-2021-29458, CVE-2021-29463, CVE-2021-29464, CVE-2021-29470, CVE-2021-29473, CVE-2021-29623, CVE-2021-32617, CVE-2021-3482