The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of MapServer: several vulnerabilities

Synthesis of the vulnerability 

An attacker can generate an overflow and Cross Site Scripting attacks on MapServer.
Impacted software: Debian, Fedora, Unix (platform) ~ not comprehensive.
Severity of this computer vulnerability: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/09/2007.
Références of this announce: CVE-2007-4542, CVE-2007-4629, DSA-1539-1, FEDORA-2007-2018, VIGILANCE-VUL-7144.

Description of the vulnerability 

The MapServer program handles cartography data. It is affected by two types of vulnerabilities.

Special characters are not encoded by msEncodeHTMLEntities() in the maptemplate.c file. Moreover, the msWriteError() function is incorrectly used in the mapserv.c file. An attacker can use these errors in order to create a Cross Site Scripting attack. [severity:3/4; CVE-2007-4542]

An attacker can create a mapfile with a long layer name, group name or metadata entry name. An overflow then occurs in the processLine() function of maptemplate.c file. This overflow can lead to code execution. [severity:3/4; CVE-2007-4629]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This weakness impacts software or systems such as Debian, Fedora, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this vulnerability announce is important.

The trust level is of type confirmed by the editor, with an origin of internet client.

This bulletin is about 2 vulnerabilities.

An attacker with a expert ability can exploit this threat bulletin.

Solutions for this threat 

MapServer: version 4.10.3.
Version 4.10.3 is corrected:
  http://mapserver.gis.umn.edu/

Debian 4.0: new mapserver packages.
New packages are available:
  http://security.debian.org/pool/updates/main/m/mapserver/*_4.10.0-5.1+etch2_*.deb

Fedora 7: new mapserver packages.
New packages are available:
7465f45f9c12c3692f1ae77487896759d921b2f7 mapserver-python-4.10.3-2.fc7.ppc64.rpm
901bb09e9e539a91da2a240e1db33c70866719f3 mapserver-java-4.10.3-2.fc7.ppc64.rpm
1f488886dedfc92b612c181ea8c7dece17dc7834 mapserver-debuginfo-4.10.3-2.fc7.ppc64.rpm
a87ec0b354b2327abe3e5aa06a1c3fcd2ca0ecf2 mapserver-perl-4.10.3-2.fc7.ppc64.rpm
df113ba1da9dc1767d0bccaad4ad8138747a0f83 php-mapserver-4.10.3-2.fc7.ppc64.rpm
e55a4bbc934a8547785ad35858607c2a6b0fd055 mapserver-4.10.3-2.fc7.ppc64.rpm
752ad072741f774be5fe01308d63cc29dcea4c3b mapserver-java-4.10.3-2.fc7.i386.rpm
74e5b399622d7cb494fbb75b4ca7f553c35bdee4 mapserver-4.10.3-2.fc7.i386.rpm
90557fac0dc7334530a2d840b26d342aba361cac mapserver-python-4.10.3-2.fc7.i386.rpm
4f5d70c8e553dc617cd9d2343998053a93f9df6d mapserver-debuginfo-4.10.3-2.fc7.i386.rpm
50890b13e4ece58b7d2bd29947e577650167faa0 mapserver-perl-4.10.3-2.fc7.i386.rpm
2a00916f91017455d19cf13dfd44582229c7361a php-mapserver-4.10.3-2.fc7.i386.rpm
70d4ac21457bbc84c21c48605e9353009b28e976 mapserver-perl-4.10.3-2.fc7.x86_64.rpm
2253781d39d9b0567cee58ab95d22b5f35a25406 php-mapserver-4.10.3-2.fc7.x86_64.rpm
8c1f6e411f4c1593a48819692186f34baebf1e90 mapserver-java-4.10.3-2.fc7.x86_64.rpm
0748e32a97d0f58e9e5b0500494408757bfb66ce mapserver-debuginfo-4.10.3-2.fc7.x86_64.rpm
7de7f750a6fb9a585345cbfb487ba9331827d3f7 mapserver-python-4.10.3-2.fc7.x86_64.rpm
9d8fd59f40138d0d64981b9c1bcbb1caa2cbdd78 mapserver-4.10.3-2.fc7.x86_64.rpm
5b8e26a1ac1eedc91c0b579c589316886ddd4f2b mapserver-java-4.10.3-2.fc7.ppc.rpm
c994583c221b2fa3b8d3274050b2627e19c0323b mapserver-python-4.10.3-2.fc7.ppc.rpm
64d29bb146eb2e7598820f0b19e1966255190856 mapserver-4.10.3-2.fc7.ppc.rpm
aa8cfa9725da3b6b9362e26a5eb14a3ee4c50468 mapserver-perl-4.10.3-2.fc7.ppc.rpm
0382fff412175f78a26da493af758c4eb06a3e24 mapserver-debuginfo-4.10.3-2.fc7.ppc.rpm
50b8c815d08d2316147564abc21a4c9dafa99429 php-mapserver-4.10.3-2.fc7.ppc.rpm
b77ad0693b5c5b0786cb081e6c6a5a60c821d071 mapserver-4.10.3-2.fc7.src.rpm
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides an application vulnerability patch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.