ID CVE-2006-7228
Summary Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
References
Vulnerable Configurations
  • cpe:2.3:a:pcre:pcre:6.6
CVSS
Base: 6.8 (as of 15-11-2007 - 10:04)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-MOD_PHP5-4810.NASL
    description This update fixes multiple bugs in php : - use system pcre library to fix several pcre vulnerabilities (CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227 CVE-2005-4872, CVE-2006-7228) - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars (CVE-2007-5898) - overly long arguments to the dl() function could crash php (CVE-2007-4825) - overly long arguments to the glob() function could crash php (CVE-2007-4782) - overly long arguments to some iconv functions could crash php (CVE-2007-4840) - overly long arguments to the setlocale() function could crash php (CVE-2007-4784) - the wordwrap-Function could cause a floating point exception (CVE-2007-3998) - overly long arguments to the fnmatch() function could crash php (CVE-2007-4782) - incorrect size calculation in the chunk_split function could lead to a buffer overflow (CVE-2007-4661) - Flaws in the GD extension could lead to integer overflows (CVE-2007-3996) - The money_format function contained format string flaws (CVE-2007-4658) - Data for some time zones has been updated
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 29878
    published 2008-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29878
    title openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-4810)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-1068.NASL
    description From Red Hat Security Advisory 2007:1068 : Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67613
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67613
    title Oracle Linux 4 : pcre (ELSA-2007-1068)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2008-0007.NASL
    description a. Updated pcre Service Console package addresses several security issues The pcre package contains the Perl-Compatible Regular Expression library. pcre is used by various Service Console utilities. Several security issues were discovered in the way PCRE handles regular expressions. If an application linked against PCRE parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. VMware would like to thank Ludwig Nussel for reporting these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2006-7228 and CVE-2007-1660 to these issues. b. Updated net-snmp Service Console package addresses denial of service net-snmp is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. By default ESX has this service enabled and its ports open on the ESX firewall. A flaw was discovered in the way net-snmp handled certain requests. A remote attacker who can connect to the snmpd UDP port could send a malicious packet causing snmpd to crash, resulting in a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5846 to this issue. c. Updated OpenPegasus Service Console package fixes overflow condition OpenPegasus is a CIM (Common Information Model) and Web-Based Enterprise Management (WBEM) broker. These protocols are used by network management systems to monitor and control hosts. By default ESX has this service enabled and its ports open on the ESX firewall. A flaw was discovered in the OpenPegasus CIM management server that might allow remote attackers to execute arbitrary code. OpenPegasus when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, has a stack-based buffer overflow condition. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-0003 to this issue.
    last seen 2019-02-21
    modified 2018-08-07
    plugin id 40377
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40377
    title VMSA-2008-0007 : Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1068.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 28367
    published 2007-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28367
    title RHEL 4 : pcre (RHSA-2007:1068)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12049.NASL
    description This update fixes multiple bugs in php : - several problems in pcre (CVE-2007-1660, CVE-2006-7225, CVE-2006-7224, CVE-2006-7226 CVE-2007-1659, CVE-2006-7230) - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars. (CVE-2007-5898) - overly long arguments to the dl() function could crash php. (CVE-2007-4825) - overly long arguments to the glob() function could crash php. (CVE-2007-4782) - overly long arguments to some iconv functions could crash php. (CVE-2007-4840) - overly long arguments to the setlocale() function could crash php. (CVE-2007-4784) - the wordwrap-Function could cause a floating point exception. (CVE-2007-3998) - overly long arguments to the fnmatch() function could crash php. (CVE-2007-4782) - incorrect size calculation in the chunk_split function could lead to a buffer overflow. (CVE-2007-4661, CVE-2007-2872) - Flaws in the GD extension could lead to integer overflows. (CVE-2007-3996) - The money_format function contained format string flaws. (CVE-2007-4658)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41187
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41187
    title SuSE9 Security Update : PHP4 (YOU Patch Number 12049)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-MOD_PHP5-4808.NASL
    description This update fixes multiple bugs in php : - use system pcre library to fix several pcre vulnerabilities. (CVE-2007-1659 / CVE-2006-7230 / CVE-2007-1660 / CVE-2006-7227 / CVE-2005-4872 / CVE-2006-7228) - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars. (CVE-2007-5898) - overly long arguments to the dl() function could crash php. (CVE-2007-4825) - overly long arguments to the glob() function could crash php. (CVE-2007-4782) - overly long arguments to some iconv functions could crash php. (CVE-2007-4840) - overly long arguments to the setlocale() function could crash php. (CVE-2007-4784) - the wordwrap-Function could cause a floating point exception. (CVE-2007-3998) - overly long arguments to the fnmatch() function could crash php. (CVE-2007-4782) - incorrect size calculation in the chunk_split function could lead to a buffer overflow. (CVE-2007-4661) - Flaws in the GD extension could lead to integer overflows. (CVE-2007-3996) - The money_format function contained format string flaws. (CVE-2007-4658) - Data for some time zones has been updated
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 29780
    published 2007-12-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29780
    title SuSE 10 Security Update : PHP5 (ZYPP Patch Number 4808)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12013.NASL
    description Python contains a copy of the pcre library. Specially crafted regular expressions could lead to a buffer overflow in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code. (CVE-2005-2491, CVE-2006-7228)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 41173
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41173
    title SuSE9 Security Update : Python (YOU Patch Number 12013)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200711-30.NASL
    description The remote host is affected by the vulnerability described in GLSA-200711-30 (PCRE: Multiple vulnerabilities) Tavis Ormandy (Google Security) discovered multiple vulnerabilities in PCRE. He reported an error when processing '\Q\E' sequences with unmatched '\E' codes that can lead to the compiled bytecode being corrupted (CVE-2007-1659). PCRE does not properly calculate sizes for unspecified 'multiple forms of character class', which triggers a buffer overflow (CVE-2007-1660). Further improper calculations of memory boundaries were reported when matching certain input bytes against regex patterns in non UTF-8 mode (CVE-2007-1661) and when searching for unmatched brackets or parentheses (CVE-2007-1662). Multiple integer overflows when processing escape sequences may lead to invalid memory read operations or potentially cause heap-based buffer overflows (CVE-2007-4766). PCRE does not properly handle '\P' and '\P{x}' sequences which can lead to heap-based buffer overflows or trigger the execution of infinite loops (CVE-2007-4767), PCRE is also prone to an error when optimizing character classes containing a singleton UTF-8 sequence which might lead to a heap-based buffer overflow (CVE-2007-4768). Chris Evans also reported multiple integer overflow vulnerabilities in PCRE when processing a large number of named subpatterns ('name_count') or long subpattern names ('max_name_size') (CVE-2006-7227), and via large 'min', 'max', or 'duplength' values (CVE-2006-7228) both possibly leading to buffer overflows. Another vulnerability was reported when compiling patterns where the '-x' or '-i' UTF-8 options change within the pattern, which might lead to improper memory calculations (CVE-2006-7230). Impact : An attacker could exploit these vulnerabilities by sending specially crafted regular expressions to applications making use of the PCRE library, which could possibly lead to the execution of arbitrary code, a Denial of Service or the disclosure of sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 28319
    published 2007-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28319
    title GLSA-200711-30 : PCRE: Multiple vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-1068.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 67061
    published 2013-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67061
    title CentOS 4 : pcre (CESA-2007:1068)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1063.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7228, CVE-2007-1660) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 28365
    published 2007-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28365
    title RHEL 3 : pcre (RHSA-2007:1063)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-1063.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7228, CVE-2007-1660) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 36264
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36264
    title CentOS 3 : pcre (CESA-2007:1063)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1077.NASL
    description Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Users of Python are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 29302
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29302
    title RHEL 2.1 : python (RHSA-2007:1077)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-1063.NASL
    description From Red Hat Security Advisory 2007:1063 : Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7228, CVE-2007-1660) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67612
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67612
    title Oracle Linux 3 : pcre (ELSA-2007-1063)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071210_PYTHON_ON_SL4_X.NASL
    description An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60327
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60327
    title Scientific Linux Security Update : python on SL4.x, SL3.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-1059.NASL
    description From Red Hat Security Advisory 2007:1059 : Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67611
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67611
    title Oracle Linux 5 : pcre (ELSA-2007-1059)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1076.NASL
    description Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) Users of Python are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 29301
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29301
    title RHEL 3 / 4 : python (RHSA-2007:1076)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1059.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 28364
    published 2007-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28364
    title RHEL 5 : pcre (RHSA-2007:1059)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-212.NASL
    description Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application. Updated packages have been patched to prevent this issue. Additionally, Corporate Server 4.0 was updated to pcre version 6.7 which corrected CVE-2006-7225, CVE-2006-7226, CVE-2006-7227, CVE-2006-7228, and CVE-2006-7230.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27849
    published 2007-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27849
    title Mandrake Linux Security Advisory : pcre (MDKSA-2007:212)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-1076.NASL
    description From Red Hat Security Advisory 2007:1076 : Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) Users of Python are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67614
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67614
    title Oracle Linux 3 / 4 : python (ELSA-2007-1076)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1570.NASL
    description Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 32144
    published 2008-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32144
    title Debian DSA-1570-1 : kazehakase - various
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12000.NASL
    description Apache2 contains a copy of the pcre library. Specially crafted regular expressions could lead to a buffer overflow in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code. (CVE-2006-7224, CVE-2007-1660)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41170
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41170
    title SuSE9 Security Update : Apache 2 (YOU Patch Number 12000)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071129_PCRE_ON_SL4_X.NASL
    description Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230, CVE-2007-1660)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 65042
    published 2013-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65042
    title Scientific Linux Security Update : pcre on SL4.x, SL3.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0546.NASL
    description Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. It was discovered that the PHP escapeshellcmd() function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd() and execute arbitrary commands if the PHP script was using certain locales. Scripts using the default UTF-8 locale are not affected by this issue. (CVE-2008-2051) The PHP functions htmlentities() and htmlspecialchars() did not properly recognize partial multi-byte sequences. Certain sequences of bytes could be passed through these functions without being correctly HTML-escaped. Depending on the browser being used, an attacker could use this flaw to conduct cross-site scripting attacks. (CVE-2007-5898) A PHP script which used the transparent session ID configuration option, or which used the output_add_rewrite_var() function, could leak session identifiers to external websites. If a page included an HTML form with an ACTION attribute referencing a non-local URL, the user's session ID would be included in the form data passed to that URL. (CVE-2007-5899) It was discovered that PHP did not properly seed its pseudo-random number generator used by functions such as rand() and mt_rand(), possibly allowing an attacker to easily predict the generated pseudo-random values. (CVE-2008-2107, CVE-2008-2108) Integer overflow and memory requirements miscalculation issues were discovered in the Perl-Compatible Regular Expression (PCRE) library used by PHP to process regular expressions. These issues could cause a crash, or possibly execute arbitrary code with the privileges of the PHP script that processes regular expressions from untrusted sources. Note: PHP packages shipped with Red Hat Enterprise Linux 2.1 did not use the system-level PCRE library. By default they used an embedded copy of the library included with the PHP package. (CVE-2006-7228, CVE-2007-1660) Users of PHP should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 33512
    published 2008-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33512
    title RHEL 2.1 : php (RHSA-2008:0546)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071109_PCRE_ON_SL5_X.NASL
    description The importance of this has been reduced to 'Important'. We have renumbered the release for SL5 so that it doesn't conflict with the previous pcre security update.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60298
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60298
    title Scientific Linux Security Update : pcre on SL5.x i386/x86_64
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2008-0003.NASL
    description I Updated ESX driver a. Updated aacraid driver This patch fixes a flaw in how the aacraid SCSI driver checked IOCTL command permissions. This flaw might allow a local user on the Service Console to cause a denial of service or gain privileges. Thanks to Adaptec for reporting this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-4308 to this issue. II Service Console package security updates a. Samba Alin Rad Pop of Secunia Research found a stack-based buffer overflow flaw in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash or to execute arbitrary code with the permissions of the Samba server. Note: This vulnerability can be exploited only if the attacker has access to the Service Console network. The Samba client is installed by default in the Service Console, but the Samba server is not. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-6015 to this issue. b. Python Chris Evans of the Google security research team discovered an integer overflow issue with the way Python's Perl-Compatible Regular Expression (PCRE) module handled certain regular expressions. If a Python application used the PCRE module to compile and execute untrusted regular expressions, it might be possible to cause the application to crash, or to execute arbitrary code with the privileges of the Python interpreter. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2006-7228 to this issue. Piotr Engelking discovered a flaw in Python's locale module where strings generated by the strxfrm() function were not properly NUL-terminated. This might result in disclosure of data stored in the memory of a Python application using the strxfrm() function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-2052 to this issue. 
Slythers Bro reported multiple integer overflow flaws in Python's imageop module. These could allow an attacker to cause a Python application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-4965 to this issue.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 40374
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40374
    title VMSA-2008-0003 : Moderate: Updated aacraid driver and samba and python Service Console updates
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-1076.NASL
    description Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) Users of Python are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 29255
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29255
    title CentOS 3 / 4 : python (CESA-2007:1076)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1065.NASL
    description Updated pcre packages that resolve several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7228, CVE-2007-1660) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 28366
    published 2007-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28366
    title RHEL 2.1 : pcre (RHSA-2007:1065)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200802-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-200802-10 (Python: PCRE Integer overflow) Python 2.3 includes a copy of PCRE which is vulnerable to an integer overflow vulnerability, leading to a buffer overflow. Impact : An attacker could exploit the vulnerability by tricking a vulnerable Python application into compiling a regular expression, which could possibly lead to the execution of arbitrary code, a Denial of Service or the disclosure of sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 31158
    published 2008-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31158
    title GLSA-200802-10 : Python: PCRE Integer overflow
oval via4
accepted 2013-04-29T04:08:58.870-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
family unix
id oval:org.mitre.oval:def:10810
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2007:1059
  • rhsa
    id RHSA-2007:1063
  • rhsa
    id RHSA-2007:1065
  • rhsa
    id RHSA-2007:1068
  • rhsa
    id RHSA-2007:1076
  • rhsa
    id RHSA-2007:1077
  • rhsa
    id RHSA-2008:0546
rpms
  • pcre-0:6.6-2.el5_1.7
  • pcre-devel-0:6.6-2.el5_1.7
  • pcre-0:3.9-10.4
  • pcre-devel-0:3.9-10.4
  • pcre-0:4.5-4.el4_6.6
  • pcre-devel-0:4.5-4.el4_6.6
  • python-0:2.2.3-6.8
  • python-devel-0:2.2.3-6.8
  • python-tools-0:2.2.3-6.8
  • tkinter-0:2.2.3-6.8
  • python-0:2.3.4-14.4.el4_6.1
  • python-devel-0:2.3.4-14.4.el4_6.1
  • python-docs-0:2.3.4-14.4.el4_6.1
  • python-tools-0:2.3.4-14.4.el4_6.1
  • tkinter-0:2.3.4-14.4.el4_6.1
refmap via4
bid 26462
bugtraq
  • 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates
  • 20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
confirm
debian DSA-1570
gentoo
  • GLSA-200711-30
  • GLSA-200801-02
  • GLSA-200801-18
  • GLSA-200801-19
  • GLSA-200802-10
  • GLSA-200805-11
mandriva
  • MDVSA-2008:012
  • MDVSA-2008:030
misc
mlist
  • [Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates
  • [Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
secunia
  • 27582
  • 27741
  • 27773
  • 27776
  • 28027
  • 28041
  • 28050
  • 28406
  • 28414
  • 28658
  • 28714
  • 28720
  • 29032
  • 29085
  • 29785
  • 30106
  • 30155
  • 30219
  • 31124
suse
  • SUSE-SA:2007:062
  • SUSE-SA:2008:004
vupen
  • ADV-2008-0637
  • ADV-2008-1234
Last major update 07-03-2011 - 21:48
Published 14-11-2007 - 16:46
Last modified 16-10-2018 - 12:29