CVE-2005-2958 - Format String vulnerability in LibGDA
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: PARTIAL
- Integrity impact: PARTIAL
- Availability impact: PARTIAL

Summary
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Nessus
- NASL family: SuSE Local Security Checks
- NASL id: SUSE9_10554.NASL
- description: This update fixes the following security problem: libgda contained two format string bugs in logging routines. Those bugs could potentially indirectly lead to arbitrary code execution via applications that link against libgda and supply data to libgda. (CVE-2005-2958)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 41082
- published: 2009-09-24
- reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/41082
- title: SuSE9 Security Update : libgda (YOU Patch Number 10554)
- code:

```nasl
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include("compat.inc");

if (description)
{
  script_id(41082);
  script_version("1.8");
  script_cvs_date("Date: 2019/10/25 13:36:28");

  script_cve_id("CVE-2005-2958");

  script_name(english:"SuSE9 Security Update : libgda (YOU Patch Number 10554)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update fixes the following security problem: libgda contained two format string bugs in logging routines. Those bugs could potentially indirectly lead to arbitrary code execution via applications that link against libgda and supply data to libgda.
(CVE-2005-2958)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2005-2958/"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 10554.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/11/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"libgda-1.0.3-54.4")) flag++;
if (rpm_check(release:"SUSE9", reference:"libgda-devel-1.0.3-54.4")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
```

- NASL family: Gentoo Local Security Checks
- NASL id: GENTOO_GLSA-200511-01.NASL
- description: The remote host is affected by the vulnerability described in GLSA-200511-01 (libgda: Format string vulnerabilities)

  Steve Kemp discovered two format string vulnerabilities in the gda_log_error and gda_log_message functions. Some applications may pass untrusted input to those functions and be vulnerable.

  Impact : An attacker could pass malicious input to an application making use of the vulnerable libgda functions, potentially resulting in the execution of arbitrary code with the rights of that application.

  Workaround : There is no known workaround at this time.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 20140
- published: 2005-11-04
- reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/20140
- title: GLSA-200511-01 : libgda: Format string vulnerabilities

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2005-1029.NASL
- description:
  - Wed Oct 26 2005 Caolan McNamara <caolanm at redhat.com> 1:1.0.4-3.1
    - CVE-2005-2958 libgda format string issue

  Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 20164
- published: 2005-11-08
- reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/20164
- title: Fedora Core 3 : libgda-1.0.4-3.1 (2005-1029)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRAKE_MDKSA-2005-203.NASL
- description: Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library. The updated packages have been patched to correct this issue.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 20438
- published: 2006-01-15
- reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/20438
- title: Mandrake Linux Security Advisory : gda2.0 (MDKSA-2005:203)

- NASL family: Ubuntu Local Security Checks
- NASL id: UBUNTU_USN-212-1.NASL
- description: Steve Kemp discovered two format string vulnerabilities in the logging handler of the Gnome database access library. Depending on the application that uses the library, this could have been exploited to execute arbitrary code with the permission of the user running the application.

  Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 20630
- published: 2006-01-15
- reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/20630
- title: Ubuntu 4.10 / 5.04 / 5.10 : libgda2 vulnerability (USN-212-1)

- NASL family: Debian Local Security Checks
- NASL id: DEBIAN_DSA-871.NASL
- description: Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 22737
- published: 2006-10-14
- reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/22737
- title: Debian DSA-871-2 : libgda2 - format string

References
- http://secunia.com/advisories/17323
- http://secunia.com/advisories/17339
- http://secunia.com/advisories/17391
- http://secunia.com/advisories/17426
- http://secunia.com/advisories/17500
- http://secunia.com/advisories/17559
- http://securitytracker.com/id?1015107
- http://www.debian.org/security/2005/dsa-871
- http://www.gentoo.org/security/en/glsa/glsa-200511-01.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:203
- http://www.novell.com/linux/security/advisories/2005_27_sr.html
- http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00013.html
- http://www.securityfocus.com/bid/15200
- https://usn.ubuntu.com/212-1/