Detections
Analytics
Cygwin < 1.5.24 cygwin1.dll Crafted Filename Handling Overflow
high Nessus Plugin ID 28330
Synopsis
The remote Windows host contains an application that is prone to a buffer overflow vulnerability.Description
Cygwin, a Linux-like environment for Windows, is installed on the remote host.The version of Cygwin installed on the remote host is affected by a heap-based buffer overflow vulnerability involving a filename length check. Using a filename between 233 and 239 characters, an attacker who can create a file on the remote can leverage this issue to execute arbitrary code on the affected host subject to the privileges under which Cygwin operates.
Solution
Upgrade to Cygwin 1.5.24 as that version is reportedly not affected.See Also
https://www.securityfocus.com/archive/1/484153/30/0/threaded
http://cygwin.com/ml/cygwin-developers/2007-11/msg00001.html
Plugin Details
Severity: High
ID: 28330
File Name: cygwin_1_5_24.nasl
Version: 1.13
Type: local
Agent: windows
Family: Windows
Published: 11/27/2007
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 8.5
Temporal Score: 6.3
Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C
Vulnerability Information
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Reference Information
CVE: CVE-2007-6181
BID: 26557
CWE: 119