Details of VAR-201604-0652

ID

VAR-201604-0652

CVE

CVE-2014-9765

TITLE

xdelta3 buffer overflow vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-02491 // CNNVD: CNNVD-201602-343

DESCRIPTION

Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file. xdelta is a set of command line programs developed by software developer Joshua MacDonald for handling incremental encoding (not complete storage or transmission of data). xdelta3 is an enhanced version of xdelta. ============================================================================ Ubuntu Security Notice USN-2901-1 February 17, 2016 xdelta3 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.10 - Ubuntu 14.04 LTS Summary: xdelta3 could be made to crash or run programs if it opened a specially crafted file. Software Description: - xdelta3: Diff utility which works with binary files Details: It was discovered that xdelta3 incorrectly handled certain files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.10: xdelta3 3.0.8-dfsg-1ubuntu0.15.10.2 Ubuntu 14.04 LTS: xdelta3 3.0.7-dfsg-2ubuntu0.2 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2901-1 CVE-2014-9765 Package Information: https://launchpad.net/ubuntu/+source/xdelta3/3.0.8-dfsg-1ubuntu0.15.10.2 https://launchpad.net/ubuntu/+source/xdelta3/3.0.7-dfsg-2ubuntu0.2 . Background ========== Xdelta is a C library and command-line tool for delta compression using VCDIFF/RFC 3284 streams. Impact ====== A remote attacker could coerce the victim to run xdelta against a malicious input file. This may be leveraged by an attacker to crash xdelta and gain control of program execution. Workaround ========== There is no known workaround at this time. Resolution ========== All xdelta users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/xdelta-3.0.10" References ========== [ 1 ] CVE-2014-9765 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-40 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For the oldstable distribution (wheezy), this problem has been fixed in version 3.0.0.dfsg-1+deb7u1. For the stable distribution (jessie), this problem has been fixed in version 3.0.8-dfsg-1+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 3.0.8-dfsg-1.1. For the unstable distribution (sid), this problem has been fixed in version 3.0.8-dfsg-1.1. We recommend that you upgrade your xdelta3 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWxzifAAoJEAVMuPMTQ89E5BkP/R75kZvWctuo7+D+S+sqPkFc /n3w5o2FXUFIkp8GWj7WA+nECKEf95vNaBDukNdRv3c+WsDJ74wiAkKei9TGKwsa lt0lTvMOZDwyz6ZzKyCeJC64RhYduVwzYFYlzi96cv7whK67OgyTR1sdK6KS7rqs qHoVGs6f2mahy8LYTE57KszUz9im5ZRzC5Gzr0aYCi5q1Xwq1FJkZ3KoNUWrLWBm XB8e5GUTD0dJnjf2JmfB/cUhLuSnomHFBT3Dz8QuJRoTKCBIZv9aoly4tjVFIZpd cxAdt8E9gGe9jc86xk2c098LsI2ta9MfGUMaLhEIYqJF9NGnYAHCeatyj7yZnVIq 4NPdj7lXL1XmC/rtRWWYiI46wTfs1j60B95tEY3H9z9c83x67P3X1z5pEpv1Yq29 qjVvH3vkKA2YFjSo/DSs5Na3vJUE33o3aKPJ4fCmVAxJj8RQD8ktgd4JsomMu3i5 nUhuMl2VPU1JCyX9ckniqXo9Rtb5yDLvyA0lgxAk826fNboS4bFolcNC7Gx0BG3E hMXV2JSiS1SP559ct5nw8zMkggyX3vsYNScrahA3Y7SA7wnAbLTR9V2z/eFVRZfP NCxjVmrHDhx/r0K4bapLOsrLiICBld8dQVxzB+Qe7zRTjbh6Prc7UeCB+ahOjoar Zn0EbyC0roOV1QsHDIp5 =FAR5 -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2014-9765 // JVNDB: JVNDB-2014-008162 // CNVD: CNVD-2016-02491 // PACKETSTORM: 135812 // PACKETSTORM: 140543 // PACKETSTORM: 135855

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-02491

AFFECTED PRODUCTS

vendor:	opensuse	model:	opensuse	scope:	eq	version:	13.1	Trust: 1.8
vendor:	opensuse	model:	opensuse	scope:	eq	version:	13.2	Trust: 1.8
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	15.10	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	xdelta	model:	xdelta3	scope:	lte	version:	3.0.8	Trust: 1.0
vendor:	canonical	model:	ubuntu	scope:	eq	version:	14.04 lts	Trust: 0.8
vendor:	canonical	model:	ubuntu	scope:	eq	version:	15.10	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	eq	version:	7.0	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	eq	version:	8.0	Trust: 0.8
vendor:	xdelta	model:	xdelta3	scope:	lt	version:	3.0.9	Trust: 0.8
vendor:	xdelta3	model:	xdelta3	scope:	lt	version:	3.0.9	Trust: 0.6
vendor:	novell	model:	opensuse	scope:	eq	version:	13.1	Trust: 0.6
vendor:	novell	model:	opensuse	scope:	eq	version:	13.2	Trust: 0.6
vendor:	xdelta	model:	xdelta3	scope:	eq	version:	3.0.8	Trust: 0.6

sources: CNVD: CNVD-2016-02491 // JVNDB: JVNDB-2014-008162 // CNNVD: CNNVD-201602-343 // NVD: CVE-2014-9765

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-9765
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-9765
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-02491
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201602-343
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2014-9765
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-02491
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2014-9765
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-02491 // JVNDB: JVNDB-2014-008162 // CNNVD: CNNVD-201602-343 // NVD: CVE-2014-9765

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2014-008162 // NVD: CVE-2014-9765

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 135812 // PACKETSTORM: 140543 // CNNVD: CNNVD-201602-343

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201602-343

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-008162

PATCH

title:	DSA-3484	url:	https://www.debian.org/security/2016/dsa-3484	Trust: 0.8
title:	Add appheader tests; fix buffer overflow in main_get_appheader	url:	https://github.com/jmacd/xdelta-gpl/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2	Trust: 0.8
title:	openSUSE-SU-2016:0530	url:	http://lists.opensuse.org/opensuse-updates/2016-02/msg00131.html	Trust: 0.8
title:	openSUSE-SU-2016:0524	url:	http://lists.opensuse.org/opensuse-updates/2016-02/msg00125.html	Trust: 0.8
title:	USN-2901-1	url:	http://www.ubuntu.com/usn/USN-2901-1/	Trust: 0.8
title:	Top Page	url:	http://xdelta.org/	Trust: 0.8
title:	Patch for xdelta3 buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/74608	Trust: 0.6
title:	xdelta3 Fixes for local buffer overflow vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60264	Trust: 0.6

sources: CNVD: CNVD-2016-02491 // JVNDB: JVNDB-2014-008162 // CNNVD: CNNVD-201602-343

EXTERNAL IDS

db:	NVD	id:	CVE-2014-9765	Trust: 3.3
db:	OPENWALL	id:	OSS-SECURITY/2016/02/08/1	Trust: 2.2
db:	OPENWALL	id:	OSS-SECURITY/2016/02/08/2	Trust: 1.6
db:	BID	id:	83109	Trust: 1.6
db:	JVNDB	id:	JVNDB-2014-008162	Trust: 0.8
db:	CNVD	id:	CNVD-2016-02491	Trust: 0.6
db:	CNNVD	id:	CNNVD-201602-343	Trust: 0.6
db:	PACKETSTORM	id:	135812	Trust: 0.1
db:	PACKETSTORM	id:	140543	Trust: 0.1
db:	PACKETSTORM	id:	135855	Trust: 0.1

sources: CNVD: CNVD-2016-02491 // JVNDB: JVNDB-2014-008162 // PACKETSTORM: 135812 // PACKETSTORM: 140543 // PACKETSTORM: 135855 // CNNVD: CNNVD-201602-343 // NVD: CVE-2014-9765

REFERENCES

url:	http://lists.opensuse.org/opensuse-updates/2016-02/msg00125.html	Trust: 2.2
url:	http://www.debian.org/security/2016/dsa-3484	Trust: 2.2
url:	http://www.openwall.com/lists/oss-security/2016/02/08/1	Trust: 2.2
url:	http://www.ubuntu.com/usn/usn-2901-1	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-updates/2016-02/msg00131.html	Trust: 1.6
url:	https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2016/02/08/2	Trust: 1.6
url:	http://www.securityfocus.com/bid/83109	Trust: 1.6
url:	https://security.gentoo.org/glsa/201701-40	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9765	Trust: 0.9
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9765	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2014-9765	Trust: 0.2
url:	https://launchpad.net/ubuntu/+source/xdelta3/3.0.8-dfsg-1ubuntu0.15.10.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/xdelta3/3.0.7-dfsg-2ubuntu0.2	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1

CREDITS

Stepan Golosunov

Trust: 0.6

sources: CNNVD: CNNVD-201602-343

SOURCES

db:	CNVD	id:	CNVD-2016-02491
db:	JVNDB	id:	JVNDB-2014-008162
db:	PACKETSTORM	id:	135812
db:	PACKETSTORM	id:	140543
db:	PACKETSTORM	id:	135855
db:	CNNVD	id:	CNNVD-201602-343
db:	NVD	id:	CVE-2014-9765

LAST UPDATE DATE

2024-08-14T15:08:33.643000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-02491	date:	2016-04-25T00:00:00
db:	JVNDB	id:	JVNDB-2014-008162	date:	2016-04-27T00:00:00
db:	CNNVD	id:	CNNVD-201602-343	date:	2016-04-20T00:00:00
db:	NVD	id:	CVE-2014-9765	date:	2018-10-30T16:27:35.843

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-02491	date:	2016-04-25T00:00:00
db:	JVNDB	id:	JVNDB-2014-008162	date:	2016-04-27T00:00:00
db:	PACKETSTORM	id:	135812	date:	2016-02-17T23:53:53
db:	PACKETSTORM	id:	140543	date:	2017-01-17T15:34:36
db:	PACKETSTORM	id:	135855	date:	2016-02-19T22:55:00
db:	CNNVD	id:	CNNVD-201602-343	date:	2016-02-18T00:00:00
db:	NVD	id:	CVE-2014-9765	date:	2016-04-19T21:59:01.100