The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Bochs: several vulnerabilities

Summary of the vulnerability

Two vulnerabilities in Bochs allow an attacker to elevate privileges or to cause a denial of service.
Vulnerable systems: Debian, Fedora, Unix (platform) ~ not comprehensive.
Severity of this threat: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 20/07/2007.
References for this weakness: BID-24246, CVE-2007-2893, CVE-2007-2894, DSA-1351-1, FEDORA-2007-1153, FEDORA-2007-1778, VIGILANCE-VUL-7022.

Description of the vulnerability 

A malicious application executed in a Bochs emulation environment can exploit several vulnerabilities.

The iodev/ne2k.cc file implements an NE2000 network device emulation. A buffer overflow can occur in the bx_ne2k_c::rx_frame() function. This vulnerability leads to code execution. [severity:2/4; CVE-2007-2893]

A divide-by-zero error may occur in the emulated floppy disk controller. This denial of service was not confirmed. [severity:2/4; CVE-2007-2894]

This security announcement impacts software or systems such as Debian, Fedora, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this threat is medium.

The trust level is "confirmed by the editor", and the origin is "document".

This bulletin is about 2 vulnerabilities.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

Debian: new bochs packages.
New packages are available:
Debian GNU/Linux 3.1 alias sarge
Debian GNU/Linux 4.0 alias etch

Fedora 7: new bochs packages (20/07/2007).
New packages are available:

Fedora 7: new bochs packages (24/08/2007).
New packages are available:

Computer vulnerabilities tracking service 

Vigil@nce provides a computer security patch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.