Vulnerabilities > CVE-2008-1687 - Unspecified vulnerability in GNU M4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN gnu
nessus
Summary
The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.
Nessus
NASL family | Slackware Local Security Checks |
NASL id | SLACKWARE_SSA_2008-098-01.NASL |
description | New m4 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 31802 |
published | 2008-04-11 |
reporter | This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/31802 |
title | Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : m4 (SSA:2008-098-01) |
code |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 28688 CVE(CAN) ID: CVE-2008-1687,CVE-2008-1688 GNU M4是广泛应用的GNU宏处理器。 GNU M4的src/freeze.c文件中的produce_frozen_state()函数存在格式串处理漏洞,如果向m4 -F传送了特制的文件名参数的话,就可能导致执行任意指令。 GNU M4在实现maketemp和mkstemp宏时存在漏洞,如果输出字符串中包含有特殊字符的话,就可能导致处理不正确的文件。 GNU m4 1.4.10 GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://git.sv.gnu.org/gitweb/?p=m4.git;a=commit;h=035998112737e52cb229e342913ef404e5a51040 target=_blank>http://git.sv.gnu.org/gitweb/?p=m4.git;a=commit;h=035998112737e52cb229e342913ef404e5a51040</a> <a href=http://git.sv.gnu.org/gitweb/?p=m4.git;a=commit;h=5345bb49077bfda9fabd048e563f9e7077fe335d target=_blank>http://git.sv.gnu.org/gitweb/?p=m4.git;a=commit;h=5345bb49077bfda9fabd048e563f9e7077fe335d</a> |
id | SSV:3156 |
last seen | 2017-11-19 |
modified | 2008-04-13 |
published | 2008-04-13 |
reporter | Root |
title | GNU m4格式串及文件名引用漏洞 |
Statements
contributor | Joshua Bressers |
lastmodified | 2008-04-15 |
organization | Red Hat |
statement | Red Hat does not consider this to be a security issue. After careful analysis of this issue the Red Hat Security Response Team has determined that this bug has no security impact outside of expected m4 behavior. |
References
- http://secunia.com/advisories/29671
- http://secunia.com/advisories/29671
- http://secunia.com/advisories/29729
- http://secunia.com/advisories/29729
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
- http://www.openwall.com/lists/oss-security/2008/04/07/1
- http://www.openwall.com/lists/oss-security/2008/04/07/1
- http://www.openwall.com/lists/oss-security/2008/04/07/12
- http://www.openwall.com/lists/oss-security/2008/04/07/12
- http://www.openwall.com/lists/oss-security/2008/04/07/3
- http://www.openwall.com/lists/oss-security/2008/04/07/3
- http://www.openwall.com/lists/oss-security/2008/04/07/4
- http://www.openwall.com/lists/oss-security/2008/04/07/4
- http://www.securityfocus.com/bid/28688
- http://www.securityfocus.com/bid/28688
- http://www.vupen.com/english/advisories/2008/1151/references
- http://www.vupen.com/english/advisories/2008/1151/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41706
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41706