FreeBSD.bspatch.Utility.Remote.Code.Execution
Description
This indicates an attack attempt against a remote Code Execution in the bspatch utility in FreeBSD.
The vulnerability is due to improper bounds checking when the vulnerable software reads from diff and extra stream values. An attacker can trick an unsuspecting user into downloading and applying a crafted patch file and execute arbitrary code with the privileges of the target user.
Affected Products
FreeBSD Project FreeBSD releng/10.1/ prior to r303304
FreeBSD Project FreeBSD releng/10.2/ prior to r303304
FreeBSD Project FreeBSD releng/10.3/ prior to r303304
FreeBSD Project FreeBSD releng/9.3/ prior to r303304
FreeBSD Project FreeBSD stable/10/ prior to r303301
FreeBSD Project FreeBSD stable/11 prior to r303301
FreeBSD Project FreeBSD stable/11/ prior to r303300
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
http://security.freebsd.org/advisories/FreeBSD-SA-16:25.bspatch.asc
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |