An updated libxml package that fixes multiple buffer overflows is now available.

[Updated 24 May 2005] Multilib packages have been added to this advisory

The libxml package contains a library for manipulating XML files.

Multiple buffer overflow bugs have been found in libxml versions prior to 2.6.14. If an attacker can trick a user into passing a specially crafted FTP URL or FTP proxy URL to an application that uses the vulnerable functions of libxml, it could be possible to execute arbitrary code. Additionally, if an attacker can return a specially crafted DNS request to libxml, it could be possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.

Yuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0110 to this issue.

All users are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.

The remote host is affected by the vulnerability described in GLSA-200411-05 (libxml2: Remotely exploitable buffer overflow)

    Multiple buffer overflows have been detected in the nanoftp and nanohttp     modules. These modules are responsible for parsing URLs with ftp     information, and resolving names via DNS.
  Impact :

    An attacker could exploit an application that uses libxml2 by forcing it to     parse a specially crafted XML file, potentially causing remote execution of     arbitrary code.
  Workaround :

    There is no known workaround at this time.

infamous41md reports that libxml contains multiple buffer overflows in the URL parsing and DNS name resolving functions. These vulnerabilities could lead to execution of arbitrary code.

An updated libxml2 package that fixes multiple buffer overflows is now available.

libxml2 is a library for manipulating XML files.

Multiple buffer overflow bugs have been found in libxml2 versions prior to 2.6.14. If an attacker can trick a user into passing a specially crafted FTP URL or FTP proxy URL to an application that uses the vulnerable functions of libxml2, it could be possible to execute arbitrary code. Additionally, if an attacker can return a specially crafted DNS request to libxml2, it could be possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.

All users are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.

This update adds missing patches for a buffer overflow in URL parsing code (CVE-2004-0989) and a buffer overflow while handling DNS responses. (CVE-2004-0110)

These bugs can be exploited remotely to execute arbitrary code.

he remote host is missing Security Update 2005-001. This security update contains a number of fixes for the following programs :

  - at commands
  - ColorSync
  - libxml2
  - Mail
  - PHP
  - Safari
  - SquirrelMail

These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code.

This update includes patches from RHEL-3 addressing a number of security vulnerabilities: - CVE-2004-0110 (arbitrary code execution via a long URL) - CVE-2004-0989 (arbitrary code execution via a long URL) - CVE-2009-2414 (stack consumption DoS vulnerabilities) - CVE-2009-2416 (use-after-free DoS vulnerabilities)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several buffer overflows have been discovered in libxml's FTP connection and DNS resolution functions. Supplying very long FTP URLs or IP addresses might result in execution of arbitrary code with the privileges of the process using libxml.

This does not affect the core XML parsing code, which is what the majority of programs use this library for.

Note: The same vulnerability was already fixed for libxml2 in USN-10-1.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Multiple buffer overflows were reported in the libxml XML parsing library. These vulnerabilities may allow remote attackers to execute arbitrary code via a long FTP URL that is not properly handled by the xmlNanoFTPScanURL() function, a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy() function, and other overflows in the code that resolves names via DNS.

The updated packages have been patched to prevent these issues.

'infamous41md' discovered several buffer overflows in libxml and libxml2, the XML C parser and toolkits for GNOME. Missing boundary checks could cause several buffers to be overflown, which may cause the client to execute arbitrary code.

The following vulnerability matrix lists corrected versions of these libraries :

The remote host is missing Security Update 2005-001. This security update contains a number of enhancements for the following programs :

 - at commands
 - ColorSync
 - libxml2
 - Mail
 - PHP
 - Safari
 - SquirrelMail
 

ID	Name	Product	Family	Published	Updated	Severity
21794	CentOS 3 : libxml (CESA-2004:650)	Nessus	CentOS Local Security Checks	7/3/2006	1/4/2021	critical
15610	GLSA-200411-05 : libxml2: Remotely exploitable buffer overflow	Nessus	Gentoo Local Security Checks	11/3/2004	1/6/2021	critical
38061	FreeBSD : libxml -- remote buffer overflows (9ff4c91e-328c-11d9-a9e7-0001020eed82)	Nessus	FreeBSD Local Security Checks	4/23/2009	1/6/2021	critical
15702	RHEL 2.1 / 3 : libxml2 (RHSA-2004:615)	Nessus	Red Hat Local Security Checks	11/13/2004	1/14/2021	critical
15991	RHEL 2.1 / 3 : libxml (RHSA-2004:650)	Nessus	Red Hat Local Security Checks	12/17/2004	1/14/2021	critical
41341	SuSE9 Security Update : libxml (YOU Patch Number 9579)	Nessus	SuSE Local Security Checks	9/24/2009	1/14/2021	critical
16251	Mac OS X Multiple Vulnerabilities (Security Update 2005-001)	Nessus	MacOS X Local Security Checks	1/26/2005	5/28/2024	high
40604	Fedora 10 : libxml-1.8.17-24.fc10 (2009-8594)	Nessus	Fedora Local Security Checks	8/18/2009	1/11/2021	critical
20714	Ubuntu 4.10 : libxml vulnerabilities (USN-89-1)	Nessus	Ubuntu Local Security Checks	1/15/2006	1/19/2021	critical
15638	Mandrake Linux Security Advisory : libxml/libxml2 (MDKSA-2004:127)	Nessus	Mandriva Local Security Checks	11/5/2004	1/6/2021	critical
40603	Fedora 11 : libxml-1.8.17-24.fc11 (2009-8582)	Nessus	Fedora Local Security Checks	8/18/2009	1/11/2021	critical
15680	Debian DSA-582-1 : libxml - buffer overflow	Nessus	Debian Local Security Checks	11/10/2004	1/4/2021	critical
2555	Mac OS X Multiple Vulnerabilities (Security Update 2005-001)	Nessus Network Monitor	Web Clients	1/26/2005	3/6/2019	critical
800804	Mac OS X Multiple Vulnerabilities (Security Update 2005-001)	Log Correlation Engine	Operating System Detection			high

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

high

critical

critical

critical

critical

critical

critical

high