| Check Point Reference: |
CPAI-2010-204 |
| Date Published: |
3 Jun 2010 |
| Severity: |
Critical
|
| Last Updated: |
Friday 01 January, 2010 |
| Source: |
Secunia Advisory: SA39966 |
| Industry Reference: | CVE-2010-1938 |
| Protection Provided by: |
|
| Who is Vulnerable? | FreeBSD Project FreeBSD 6
FreeBSD Project FreeBSD 7
FreeBSD Project FreeBSD 8
Novell openSUSE _Other |
| Vulnerability Description |
A stack buffer overflow vulnerability has been reported in OPIE. OPIE, "One time Passwords In Everything", is a login and password package installed on the server and the client, which makes untrusted networks safer against password-sniffing packet analysis software. OPIE is shipped with DragonFly BSD, FreeBSD and OpenSUSE. A remote attacker could exploit this vulnerability to cause a stack-based buffer overflow and execute arbitrary code on a vulnerable system. |
| Update/Patch Avaliable | Upgrade your vulnerable system:
FreeBSD |
| Vulnerability Details | This issue is due to a off-by-one vulnerability while processing attacker controlled username. The vulnerable code bounds-check the input string but incorrectly limits it to (buffersize+1). Remote attackers could exploit this issue by sending a longer username to a vulnerable service that uses OPIE. Successful exploitation of this vulnerability would allow the attacker to take complete control of the affected system. |
Feedback