PT-2010-1033 · Libsmi+1 · Libsmi+1

Andrés López Luksenberg

·

Publicado

2010-10-27

·

Atualizado

2024-06-15

·

CVE-2010-2891

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions libsmi versions prior to 0.4.8
Description The issue affects the libsmi package, potentially leading to breaches of confidentiality, integrity, and availability of protected information. It can be exploited remotely. The problem is caused by a buffer overflow in the smiGetNode function, allowing attackers to execute arbitrary code via a specially crafted Object Identifier.
Recommendations For versions prior to 0.4.8, update to version 0.4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the smiGetNode function until a patch is available.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2019-2569
ALT-PU-2019-2576
AZL-34938
AZL-6647
AZL-7272
BDU:2015-03137
BDU:2015-09693
CVE-2010-2891
DSA-2145-1
OPENSUSE-SU-2024:10266-1

Produtos afetados

Alt Linux
Libsmi