Vulnerability CVE-2010-4052


Published: 2011-01-13   Modified: 2012-02-13

Description:
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
GNU libc/regcomp(3) Multiple Vulnerabilities
Maksymilian Arci...
07.01.2011
High
proftpd multiple exploit for VU#912279 (only with GNU libc/regcomp(3))
Maksymilian Arci...
07.01.2011
Med.
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service
Maksymilian Arci...
13.03.2014

Type:

CWE-399

(Resource Management Errors)

Vendor: GNU
Product: Glibc 
Version:
2.12.2
2.12.1
2.12.0
2.11.3
2.11.2
2.11.1
2.11
2.10.2
2.10.1
2.10
2.1.9
2.1.3.10
2.1.3
2.1.2
2.1.1.6
2.1.1
1.09.1
1.09
1.08
1.07
1.06
1.05
1.04
1.03
1.02
1.01
1.00

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.kb.cert.org/vuls/id/912279
http://cxib.net/stuff/proftpd.gnu.c
https://bugzilla.redhat.com/show_bug.cgi?id=645859
http://www.securityfocus.com/bid/45233
http://www.securityfocus.com/archive/1/archive/1/515589/100/0/threaded
http://www.exploit-db.com/exploits/15935
http://securitytracker.com/id?1024832
http://securityreason.com/securityalert/8003
http://securityreason.com/achievement_securityalert/93
http://secunia.com/advisories/42547
http://seclists.org/fulldisclosure/2011/Jan/78

Related CVE
CVE-2018-0618
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-13796
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
CVE-2018-13033
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_p...
CVE-2018-12934
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.
CVE-2018-12700
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-12699
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of...
CVE-2018-12698
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occ...
CVE-2018-12697
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.

Copyright 2018, cxsecurity.com

 

Back to Top