ID CVE-2005-3964
Summary Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
References
Vulnerable Configurations
  • cpe:2.3:a:integrated_computer_solutions:openmotif:2.2.3
    cpe:2.3:a:integrated_computer_solutions:openmotif:2.2.3
CVSS
Base: 7.5 (as of 02-12-2005 - 08:39)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0272.NASL
    description Updated openmotif packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard graphical user interface. A number of buffer overflow flaws were discovered in OpenMotif's libUil library. It is possible for an attacker to execute arbitrary code as a victim who has been tricked into executing a program linked against OpenMotif, which then loads a malicious User Interface Language (UIL) file. (CVE-2005-3964) Users of OpenMotif are advised to upgrade to these erratum packages, which contain a backported security patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21896
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21896
    title CentOS 3 / 4 : openmotif (CESA-2006:0272)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200512-16.NASL
    description The remote host is affected by the vulnerability described in GLSA-200512-16 (OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library) xfocus discovered two potential buffer overflows in the libUil library, in the diag_issue_diagnostic and open_source_file functions. Impact : Remotely-accessible or SUID applications making use of the affected functions might be exploited to execute arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 20357
    published 2005-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20357
    title GLSA-200512-16 : OpenMotif, AMD64 x86 emulation X libraries: Buffer overflows in libUil library
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0272.NASL
    description Updated openmotif packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard graphical user interface. A number of buffer overflow flaws were discovered in OpenMotif's libUil library. It is possible for an attacker to execute arbitrary code as a victim who has been tricked into executing a program linked against OpenMotif, which then loads a malicious User Interface Language (UIL) file. (CVE-2005-3964) Users of OpenMotif are advised to upgrade to these erratum packages, which contain a backported security patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 21181
    published 2006-04-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21181
    title RHEL 2.1 / 3 / 4 : openmotif (RHSA-2006:0272)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0261.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal security review, a cross-site scripting flaw was found that affected the Red Hat Network channel search feature. (CVE-2007-5961) This release also corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments. Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388) A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349) A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329) Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306) Multiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) Two arbitrary code execution flaws were fixed in the OpenMotif package. (CVE-2005-3964, CVE-2005-0605) A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898) Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510) Users of Red Hat Network Satellite Server 5.0 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43835
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43835
    title RHEL 4 : Satellite Server (RHSA-2008:0261)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0524.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server 4.2. In a typical operating environment, these components are not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments. Multiple flaws were fixed in the Apache HTTPD server. These flaws could result in a cross-site scripting, denial-of-service, or information disclosure attacks. (CVE-2004-0885, CVE-2006-5752, CVE-2006-7197, CVE-2007-1860, CVE-2007-3304, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388) A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349) A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329) Multiple cross-site scripting flaws were fixed in the image map feature in the JFreeChart package. (CVE-2007-6306) Multiple flaws were fixed in the IBM Java 1.4.2 Runtime. (CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) Multiple flaws were fixed in the OpenMotif package. (CVE-2004-0687, CVE-2004-0688, CVE-2004-0914, CVE-2005-3964, CVE-2005-0605) A flaw which could result in weak encryption was fixed in the perl-Crypt-CBC package. (CVE-2006-0898) Multiple flaws were fixed in the Tomcat package. (CVE-2008-0128, CVE-2007-5461, CVE-2007-3385, CVE-2007-3382, CVE-2007-1358, CVE-2007-1355, CVE-2007-2450, CVE-2007-2449, CVE-2007-0450, CVE-2006-7196, CVE-2006-7195, CVE-2006-3835, CVE-2006-0254, CVE-2005-2090, CVE-2005-4838, CVE-2005-3510) Users of Red Hat Network Satellite Server 4.2 are advised to upgrade to 4.2.3, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43837
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43837
    title RHEL 3 / 4 : Satellite Server (RHSA-2008:0524)
oval via4
accepted 2013-04-29T04:19:08.417-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
family unix
id oval:org.mitre.oval:def:9393
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
version 22
redhat via4
advisories
  • bugzilla
    id 174815
    title CVE-2005-3964 openmotif libUil buffer overflows
    oval
    OR
    • AND
      comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • AND
      comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    rhsa
    id RHSA-2006:0272
    released 2006-04-04
    severity Moderate
    title RHSA-2006:0272: openmotif security update (Moderate)
  • rhsa
    id RHSA-2008:0261
refmap via4
bid
  • 15684
  • 15686
bugtraq 20051202 [xfocus-SD-051202]openMotif libUil Multiple vulnerability
fulldisc 20051201 [xfocus-SD-051202]openMotif-libUil-Multiple_vulnerability
sectrack 1015303
vupen ADV-2005-2709
xf
  • openmotif-diagissuediagnostic-bo(23388)
  • openmotif-opensourcefile-bo(23389)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 17-10-2016 - 23:38
Published 02-12-2005 - 06:03
Last modified 19-10-2018 - 11:39
Back to Top