FreeBSD : pcre -- multiple vulnerabilities (4a88e3ed-00d3-11e5-a072-d050996490d0)

high Nessus Plugin ID 83795

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

PCRE development team reports :

A pattern such as '((?2){0,1999}())?', which has a group containing a forward reference repeated a large (but limited) number of times within a repeated outer group that has a zero minimum quantifier, caused incorrect code to be compiled, leading to the error 'internal error: previously-checked referenced subpattern not found' when an incorrect memory address was read. This bug was reported as 'heap overflow', discovered by Kai Lu of Fortinet's FortiGuard Labs and given the CVE number CVE-2015-2325.

A pattern such as '((?+1)(\1))/' containing a forward reference subroutine call within a group that also contained a recursive back reference caused incorrect code to be compiled. This bug was reported as 'heap overflow', discovered by Kai Lu of Fortinet's FortiGuard Labs, and given the CVE number CVE-2015-2326.

Solution

Update the affected package.

See Also

http://www.pcre.org/original/changelog.txt

http://www.nessus.org/u?e9438803

Plugin Details

Severity: High

ID: 83795

File Name: freebsd_pkg_4a88e3ed00d311e5a072d050996490d0.nasl

Version: 2.6

Type: local

Published: 5/26/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:pcre, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/22/2015

Vulnerability Publication Date: 4/28/2015

Reference Information

CVE: CVE-2015-2325, CVE-2015-2326