| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2009-0689
BSD: memory corruption via printf
Synthesis of the vulnerability
| When the attacker can choose a real value, and its display format by a function of the printf() family, he can generate an overflow leading to a denial of service or to code execution. |
Severity: 2/4.
Creation date: 29/06/2009.
|
Impacted products
Description of the vulnerability
Recent versions of FreeBSD, NetBSD and OpenBSD use the gdtoa (double to ascii) library to convert real values to character strings. Functions of the printf() family use gdtoa.
The number of digits of a real number can be indicated in the format parameter. For example, "%2.3f" displays 2 digits before the dot, and 3 after.
When the number of digits after the dot is over 2^18, the size allocated by gdtoa is too short. The memory is then corrupted.
When the attacker can choose a real value, and its display format by a function of the printf() family, he can therefore generate an overflow leading to a denial of service or to code execution. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: BSD: memory corruption via printf.
Keywords: FreeBSD NetBSD OpenBSD corruption memory printf.
Identifiers: BID-35510, CERTA-2010-AVI-080, CVE-2009-0689, DSA 1998-1, MDVSA-2009:330, MDVSA-2010:027, MDVSA-2010:028, SUSE-SR:2009:020, VIGILANCE-VUL-8828.
|
Information sources
Solutions for this vulnerability
Supplements
Computer vulnerabilities tracking service
Vigil@nce provides a computers vulnerabilities announce. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce vulnerability database contains several thousand vulnerabilities.
|
