Vulnerabilities > CVE-2007-2894 - Buffer Overflow and Denial Of Service vulnerability in Bochs Project Bochs 2.3
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Bochs 2.3 Buffer Overflow and Denial Of Service Vulnerabilities. CVE-2007-2894. Dos exploit for linux platform |
| id | EDB-ID:30110 |
| last seen | 2016-02-03 |
| modified | 2007-05-31 |
| published | 2007-05-31 |
| reporter | Tavis Ormandy |
| source | https://www.exploit-db.com/download/30110/ |
| title | Bochs 2.3 - Buffer Overflow and Denial of Service Vulnerabilities |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2007-1778.NASL description This security update of bochs fixes CVE-2007-2894 : The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 27733 published 2007-11-06 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27733 title Fedora 7 : bochs-2.3-7.fc7 (2007-1778) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200711-21.NASL description The remote host is affected by the vulnerability described in GLSA-200711-21 (Bochs: Multiple vulnerabilities) Tavis Ormandy of the Google Security Team discovered a heap-based overflow vulnerability in the NE2000 driver (CVE-2007-2893). He also discovered a divide-by-zero error in the emulated floppy disk controller (CVE-2007-2894). Impact : A local attacker in the guest operating system could exploit these issues to execute code outside of the virtual machine, or cause Bochs to crash. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 28260 published 2007-11-20 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28260 title GLSA-200711-21 : Bochs: Multiple vulnerabilities
References
- http://bugs.gentoo.org/show_bug.cgi?id=188148
- http://osvdb.org/42119
- http://secunia.com/advisories/25470
- http://secunia.com/advisories/27715
- http://security.gentoo.org/glsa/glsa-200711-21.xml
- http://taviso.decsystem.org/virtsec.pdf
- http://www.securityfocus.com/bid/24246
- http://www.vupen.com/english/advisories/2007/1936
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34513