The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of NetBSD: buffer overflow of glob

Synthesis of the vulnerability 

A local or remote attacker can generate an overflow in programs using glob().
Vulnerable systems: NetBSD.
Severity of this threat: 3/4.
Creation date: 15/12/2006.
Références of this weakness: CVE-2006-6652, NetBSD Security Advisory 2006-027, VIGILANCE-VUL-6404.

Description of the vulnerability 

The glob() function of libc obtains names of files matching a pattern like "f*".

The "f*" pattern can for example be converted to "file.txt". This size extension is correctly managed, however size of a glob() internal array is incorrectly computed.

An attacker can therefore generate an overflow in programs using glob() in order to execute code.

The tnftpd daemon uses this function and can be used as attack vector if attacker is allowed to create directories on the FTP server.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat bulletin impacts software or systems such as NetBSD.

Our Vigil@nce team determined that the severity of this computer threat bulletin is important.

The trust level is of type confirmed by the editor, with an origin of user account.

An attacker with a expert ability can exploit this computer threat.

Solutions for this threat 

NetBSD: patch for glob.
A patch is available for each version and is indicated in the announce.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a software vulnerability watch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.