ID CVE-2008-1552
Summary The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the "underflow" term in cases of wraparound from unsigned subtraction.
References
Vulnerable Configurations
  • cpe:2.3:a:silc:silc_client:*:*:*:*:*:*:*:*
    cpe:2.3:a:silc:silc_client:*:*:*:*:*:*:*:*
  • cpe:2.3:a:silc:silc_server:*:*:*:*:*:*:*:*
    cpe:2.3:a:silc:silc_server:*:*:*:*:*:*:*:*
  • cpe:2.3:a:silc:silc_toolkit:*:*:*:*:*:*:*:*
    cpe:2.3:a:silc:silc_toolkit:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*
  • cpe:2.3:a:silc:silc:*:*:*:*:*:*:*:*
    cpe:2.3:a:silc:silc:*:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 11-10-2018 - 20:35)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 28373
bugtraq 20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow
confirm
fedora
  • FEDORA-2008-2616
  • FEDORA-2008-2641
gentoo GLSA-200804-27
mandriva MDVSA-2008:158
misc http://www.coresecurity.com/?action=item&id=2206
sectrack 1019690
secunia
  • 29463
  • 29465
  • 29622
  • 29946
sreason 3795
suse SUSE-SR:2008:008
vupen ADV-2008-0974
xf silc-silcpkcs1decode-bo(41474)
statements via4
contributor Joshua Bressers
lastmodified 2008-04-23
organization Red Hat
statement Red Hat does not consider this issue to be a security flaw as SILC is not used in a vulnerable manner in Red Hat Enterprise Linux 4 and 5. More information can be found here: https://bugzilla.redhat.com/show_bug.cgi?id=440049
Last major update 11-10-2018 - 20:35
Published 31-03-2008 - 17:44
Back to Top