CVE-2004-0989: Buffer Overflow
First published: Thu Oct 28 2004(Updated: )
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xmlsoft Libxml2 | =2.6.11 | |
| Xmlsoft Libxml2 | =2.6.13 | |
| Xmlsoft Libxml2 | =2.6.7 | |
| Xmlsoft Libxml2 | =2.6.14 | |
| XMLStarlet Command Line XML Toolkit | =0.9.1 | |
| Xmlsoft Libxml2 | =2.6.8 | |
| Xmlsoft Libxml2 | =2.5.11 | |
| XMLSoft Libxml | =1.8.17 | |
| Xmlsoft Libxml2 | =2.6.12 | |
| Xmlsoft Libxml2 | =2.6.9 | |
| Xmlsoft Libxml2 | =2.6.6 | |
| Redhat Fedora Core | =core_2.0 | |
| Trustix Secure Linux | =2.0 | |
| Ubuntu Ubuntu Linux | =4.1 | |
| Trustix Secure Linux | =2.1 | |
| Ubuntu Ubuntu Linux | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/11526
- http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html
- http://www.debian.org/security/2004/dsa-582
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000890
- http://www.redhat.com/support/errata/RHSA-2004-615.html
- http://www.redhat.com/support/errata/RHSA-2004-650.html
- http://www.novell.com/linux/security/advisories/2005_01_sr.html
- http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml
- http://www.ciac.org/ciac/bulletins/p-029.shtml
- http://www.osvdb.org/11179
- http://www.osvdb.org/11180
- http://www.osvdb.org/11324
- http://securitytracker.com/id?1011941
- http://secunia.com/advisories/13000
- http://marc.info/?l=bugtraq&m=109880813013482&w=2
- https://www.ubuntu.com/usn/usn-89-1/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17876
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17875
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17872
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17870
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505
- collector/nvd-historical
- vendor/xmlsoft
- product/libxml2
- canonical/xmlsoft libxml2
- vendor/xmlstarlet
- product/command line xml toolkit
- canonical/xmlstarlet command line xml toolkit
- product/libxml
- canonical/xmlsoft libxml
- vendor/redhat
- product/fedora core
- canonical/redhat fedora core
- vendor/trustix
- product/secure linux
- canonical/trustix secure linux
- vendor/ubuntu
- product/ubuntu linux
- canonical/ubuntu ubuntu linux
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/xmlsoft libxml2/2.6.11
- version/xmlsoft libxml2/2.6.13
- version/xmlsoft libxml2/2.6.7
- version/xmlsoft libxml2/2.6.14
- version/xmlstarlet command line xml toolkit/0.9.1
- version/xmlsoft libxml2/2.6.8
- version/xmlsoft libxml2/2.5.11
- version/xmlsoft libxml/1.8.17
- version/xmlsoft libxml2/2.6.12
- version/xmlsoft libxml2/2.6.9
- version/xmlsoft libxml2/2.6.6
- version/redhat fedora core/core_2.0
- version/trustix secure linux/2.0
- version/ubuntu ubuntu linux/4.1
- version/trustix secure linux/2.1