FreeBSD : cdf3 -- Buffer overflow vulnerability (c4f31e16-6e33-11dd-8eb7-0011098ad87f)

high Nessus Plugin ID 33938

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

NASA Goddard Space Flight Center reports:

The libraries for the scientific data file format, Common Data Format (CDF) version 3.2 and earlier, have the potential for a buffer overflow vulnerability when reading specially crafted (invalid) CDF files. If successful, this could trigger execution of arbitrary code within the context of the CDF-reading program that could be exploited to compromise a system, or otherwise crash the program. While it's unlikely that you would open CDFs from untrusted sources, we recommend everyone upgrade to the latest CDF libraries on their systems, including the IDL and Matlab plugins. Most worrisome is any service that enables the general public to submit CDF files for processing.

The vulnerability is in the CDF library routines not properly checking the length tags on a CDF file before copying data to a stack buffer. Exploitation requires the user to explicitly open a specially crafted file. CDF users should not open files from untrusted third parties until the patch is applied (and continue then to exercise normal caution for files from untrusted third parties).

Solution

Update the affected package.

See Also

https://cdf.gsfc.nasa.gov/CDF32_buffer_overflow.html

http://www.nessus.org/u?99a06933

Plugin Details

Severity: High

ID: 33938

File Name: freebsd_pkg_c4f31e166e3311dd8eb70011098ad87f.nasl

Version: 1.16

Type: local

Published: 8/20/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:cdf3, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 8/19/2008

Vulnerability Publication Date: 5/15/2008

Reference Information

CVE: CVE-2008-2080

CWE: 119