Vulnerabilities > CVE-2008-1767 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
redhat
CWE-119
nessus
exploit available

Summary

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Exploit-Db

descriptionlibxslt XSL 1.1.23 File Processing Buffer Overflow Vulnerability. CVE-2008-1767. Dos exploit for linux platform
idEDB-ID:31815
last seen2016-02-03
modified2008-05-21
published2008-05-21
reporterAnthony de Almeida Lopes
sourcehttps://www.exploit-db.com/download/31815/
titlelibxslt XSL <= 1.1.23 - File Processing Buffer Overflow Vulnerability

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12184.NASL
    descriptionA libxslt XSL-match processing overflow has been fixed. CVE-2008-1767 has been assigned to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id41218
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41218
    titleSuSE9 Security Update : libxslt (YOU Patch Number 12184)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41218);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/25 13:36:31");
    
      script_cve_id("CVE-2008-1767");
    
      script_name(english:"SuSE9 Security Update : libxslt (YOU Patch Number 12184)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A libxslt XSL-match processing overflow has been fixed. CVE-2008-1767
    has been assigned to this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-1767.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12184.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/06/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"libxslt-1.1.2-58.11")) flag++;
    if (rpm_check(release:"SUSE9", reference:"libxslt-devel-1.1.2-58.11")) flag++;
    if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"libxslt-32bit-9-200805201632")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-151.NASL
    descriptionA buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code (CVE-2008-1767). The updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id37284
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37284
    titleMandriva Linux Security Advisory : libxslt (MDVSA-2008:151)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2008:151. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37284);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:50");
    
      script_cve_id("CVE-2008-1767");
      script_bugtraq_id(29312);
      script_xref(name:"MDVSA", value:"2008:151");
    
      script_name(english:"Mandriva Linux Security Advisory : libxslt (MDVSA-2008:151)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A buffer overflow vulnerability in libxslt could be exploited via an
    XSL style sheet file with a long XLST transformation match condition,
    which could possibly lead to the execution of arbitrary code
    (CVE-2008-1767).
    
    The updated packages have been patched to correct this issue."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xslt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xslt1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xslt1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxslt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxslt-proc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxslt1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxslt1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-libxslt");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/07/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64xslt1-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64xslt1-devel-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"libxslt-proc-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libxslt1-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libxslt1-devel-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"python-libxslt-1.1.20-2.1mdv2007.1", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xslt-devel-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xslt1-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxslt-devel-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"libxslt-proc-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxslt1-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"python-libxslt-1.1.22-2.1mdv2008.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64xslt-devel-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64xslt1-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libxslt-devel-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"libxslt-proc-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libxslt1-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"python-libxslt-1.1.22-2.1mdv2008.1", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0287.NASL
    descriptionUpdated libxslt packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. libxslt is a C library, based on libxml, for parsing of XML files into other textual formats (eg HTML, plain text and other XML representations of the underlying data) It uses the standard XSLT stylesheet transformation mechanism and, being written in plain ANSI C, is designed to be simple to incorporate into other applications Anthony de Almeida Lopes reported the libxslt library did not properly process long
    last seen2020-06-01
    modified2020-06-02
    plugin id32401
    published2008-05-22
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/32401
    titleCentOS 3 / 4 / 5 : libxslt (CESA-2008:0287)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0287 and 
    # CentOS Errata and Security Advisory 2008:0287 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(32401);
      script_version("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2008-1767");
      script_bugtraq_id(29312);
      script_xref(name:"RHSA", value:"2008:0287");
    
      script_name(english:"CentOS 3 / 4 / 5 : libxslt (CESA-2008:0287)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated libxslt packages that fix a security issue are now available.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    libxslt is a C library, based on libxml, for parsing of XML files into
    other textual formats (eg HTML, plain text and other XML
    representations of the underlying data) It uses the standard XSLT
    stylesheet transformation mechanism and, being written in plain ANSI
    C, is designed to be simple to incorporate into other applications
    
    Anthony de Almeida Lopes reported the libxslt library did not properly
    process long 'transformation match' conditions in the XSL stylesheet
    files. An attacker could create a malicious XSL file that would cause
    a crash, or, possibly, execute and arbitrary code with the privileges
    of the application using libxslt library to perform XSL
    transformations. (CVE-2008-1767)
    
    All users are advised to upgrade to these updated packages, which
    contain a backported patch to resolve this issue."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014920.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7d4792bc"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014921.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fbb6f292"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014922.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7ecdcaf9"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014923.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5d924c26"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014929.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1e15aebb"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014930.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?315b6946"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014933.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?58a7ced9"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-May/014934.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a36cb756"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libxslt packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxslt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxslt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxslt-python");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/05/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/05/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x / 4.x / 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-3", reference:"libxslt-1.0.33-6")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"libxslt-devel-1.0.33-6")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"libxslt-python-1.0.33-6")) flag++;
    
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libxslt-1.1.11-1.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libxslt-1.1.11-1.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libxslt-1.1.11-1.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libxslt-devel-1.1.11-1.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libxslt-devel-1.1.11-1.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libxslt-devel-1.1.11-1.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libxslt-python-1.1.11-1.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libxslt-python-1.1.11-1.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libxslt-python-1.1.11-1.el4_6.1")) flag++;
    
    if (rpm_check(release:"CentOS-5", reference:"libxslt-1.1.17-2.el5_1.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libxslt-devel-1.1.17-2.el5_1.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libxslt-python-1.1.17-2.el5_1.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxslt / libxslt-devel / libxslt-python");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2008-210-03.NASL
    descriptionNew libxslt packages are available for Slackware 12.0, 12.1, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id33748
    published2008-07-29
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33748
    titleSlackware 12.0 / 12.1 / current : libxslt (SSA:2008-210-03)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SAFARI3_2.NASL
    descriptionThe version of Apple Safari installed on the remote Mac OS X host is earlier than 3.2. As such, it is potentially affected by several issues : - A signedness issue in Safari
    last seen2020-06-01
    modified2020-06-02
    plugin id34773
    published2008-11-14
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34773
    titleMac OS X : Apple Safari < 3.2
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-633-1.NASL
    descriptionIt was discovered that long transformation matches in libxslt could overflow. If an attacker were able to make an application linked against libxslt process malicious XSL style sheet input, they could execute arbitrary code with user privileges or cause the application to crash, leading to a denial of serivce. (CVE-2008-1767) Chris Evans discovered that the RC4 processing code in libxslt did not correctly handle corrupted key information. If a remote attacker were able to make an application linked against libxslt process malicious XML input, they could crash the application, leading to a denial of service. (CVE-2008-2935). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id33808
    published2008-08-04
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/33808
    titleUbuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : libxslt vulnerabilities (USN-633-1)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2008-007.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. This security update contains fixes for the following products : - Apache - Certificates - ClamAV - ColorSync - CUPS - Finder - launchd - libxslt - MySQL Server - Networking - PHP - Postfix - PSNormalizer - QuickLook - rlogin - Script Editor - Single Sign-On - Tomcat - vim - Weblog
    last seen2020-06-01
    modified2020-06-02
    plugin id34374
    published2008-10-10
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34374
    titleMac OS X Multiple Vulnerabilities (Security Update 2008-007)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBXSLT-5263.NASL
    descriptionA libxslt XSL-match processing overflow has been fixed. CVE-2008-1767 has been assigned to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id33195
    published2008-06-16
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33195
    titleopenSUSE 10 Security Update : libxslt (libxslt-5263)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200806-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200806-02 (libxslt: Execution of arbitrary code) Anthony de Almeida Lopes reported a vulnerability in libxslt when handling XSL style-sheet files, which could be exploited to trigger the use of uninitialized memory, e.g. in a call to
    last seen2020-06-01
    modified2020-06-02
    plugin id33085
    published2008-06-04
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33085
    titleGLSA-200806-02 : libxslt: Execution of arbitrary code
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20080521_LIBXSLT_ON_SL3_X.NASL
    descriptionAnthony de Almeida Lopes reported the libxslt library did not properly process long
    last seen2020-06-01
    modified2020-06-02
    plugin id60405
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60405
    titleScientific Linux Security Update : libxslt on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0287.NASL
    descriptionFrom Red Hat Security Advisory 2008:0287 : Updated libxslt packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. libxslt is a C library, based on libxml, for parsing of XML files into other textual formats (eg HTML, plain text and other XML representations of the underlying data) It uses the standard XSLT stylesheet transformation mechanism and, being written in plain ANSI C, is designed to be simple to incorporate into other applications Anthony de Almeida Lopes reported the libxslt library did not properly process long
    last seen2020-06-01
    modified2020-06-02
    plugin id67692
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67692
    titleOracle Linux 3 / 4 / 5 : libxslt (ELSA-2008-0287)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBXSLT-5343.NASL
    descriptionA libxslt XSL-match processing overflow has been fixed. CVE-2008-1767 has been assigned to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id33196
    published2008-06-16
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33196
    titleSuSE 10 Security Update : libxslt (ZYPP Patch Number 5343)
  • NASL familyWindows
    NASL idSAFARI_3_2.NASL
    descriptionThe version of Safari installed on the remote Windows host is earlier than 3.2. Such versions are potentially affected by several issues : - Safari includes a version of zlib that is affected by multiple vulnerabilities. (CVE-2005-2096) - A heap-based buffer overflow issue in the libxslt library could lead to a crash or arbitrary code execution. (CVE-2008-1767) - A signedness issue in Safari
    last seen2020-06-01
    modified2020-06-02
    plugin id34772
    published2008-11-14
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34772
    titleSafari < 3.2 Multiple Vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1589.NASL
    descriptionIt was discovered that libxslt, an XSLT processing runtime library, could be coerced into executing arbitrary code via a buffer overflow when an XSL style sheet file with a long XSLT
    last seen2020-06-01
    modified2020-06-02
    plugin id32457
    published2008-05-29
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/32457
    titleDebian DSA-1589-1 : libxslt - buffer overflow
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0287.NASL
    descriptionUpdated libxslt packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. libxslt is a C library, based on libxml, for parsing of XML files into other textual formats (eg HTML, plain text and other XML representations of the underlying data) It uses the standard XSLT stylesheet transformation mechanism and, being written in plain ANSI C, is designed to be simple to incorporate into other applications Anthony de Almeida Lopes reported the libxslt library did not properly process long
    last seen2020-06-01
    modified2020-06-02
    plugin id32421
    published2008-05-22
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/32421
    titleRHEL 2.1 / 3 / 4 / 5 : libxslt (RHSA-2008:0287)

Oval

accepted2013-04-29T04:22:11.015-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionBuffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
familyunix
idoval:org.mitre.oval:def:9785
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleBuffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
version27

Redhat

advisories
bugzilla
id446809
title condition in XSL file
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 4 is installed
      ovaloval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • commentlibxslt is earlier than 0:1.1.11-1.el4_6.1
          ovaloval:com.redhat.rhsa:tst:20080287001
        • commentlibxslt is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20080287002
      • AND
        • commentlibxslt-python is earlier than 0:1.1.11-1.el4_6.1
          ovaloval:com.redhat.rhsa:tst:20080287003
        • commentlibxslt-python is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20080287004
      • AND
        • commentlibxslt-devel is earlier than 0:1.1.11-1.el4_6.1
          ovaloval:com.redhat.rhsa:tst:20080287005
        • commentlibxslt-devel is signed with Red Hat master key
          ovaloval:com.redhat.rhsa:tst:20080287006
  • AND
    • commentRed Hat Enterprise Linux 5 is installed
      ovaloval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • commentlibxslt-python is earlier than 0:1.1.17-2.el5_1.1
          ovaloval:com.redhat.rhsa:tst:20080287008
        • commentlibxslt-python is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080287009
      • AND
        • commentlibxslt is earlier than 0:1.1.17-2.el5_1.1
          ovaloval:com.redhat.rhsa:tst:20080287010
        • commentlibxslt is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080287011
      • AND
        • commentlibxslt-devel is earlier than 0:1.1.17-2.el5_1.1
          ovaloval:com.redhat.rhsa:tst:20080287012
        • commentlibxslt-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080287013
rhsa
idRHSA-2008:0287
released2008-05-21
severityImportant
titleRHSA-2008:0287: libxslt security update (Important)
rpms
  • libxslt-0:1.0.15-3
  • libxslt-0:1.0.33-6
  • libxslt-0:1.1.11-1.el4_6.1
  • libxslt-0:1.1.17-2.el5_1.1
  • libxslt-debuginfo-0:1.0.33-6
  • libxslt-debuginfo-0:1.1.11-1.el4_6.1
  • libxslt-debuginfo-0:1.1.17-2.el5_1.1
  • libxslt-devel-0:1.0.15-3
  • libxslt-devel-0:1.0.33-6
  • libxslt-devel-0:1.1.11-1.el4_6.1
  • libxslt-devel-0:1.1.17-2.el5_1.1
  • libxslt-python-0:1.0.15-3
  • libxslt-python-0:1.1.11-1.el4_6.1
  • libxslt-python-0:1.1.17-2.el5_1.1

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 29312 CVE(CAN) ID: CVE-2008-1767 Libxslt是为GNOME项目开发的XSLT C库,XSLT本身是用于定义XML转换的XML语言。 libxslt库在转换XML文档期间使用的固定大小的数组,如果XSL样式表文件中设置了特定的template match条件的话,则使用该库的应用程序在解析文件时会触发缓冲区溢出,导致应用程序崩溃或执行任意指令。 XMLSoft libxslt &lt; 1.1.24 Debian ------ Debian已经为此发布了一个安全公告(DSA-1589-1)以及相应补丁: DSA-1589-1:New libxslt packages fix execution of arbitrary code 链接:<a href=http://www.debian.org/security/2008/dsa-1589 target=_blank>http://www.debian.org/security/2008/dsa-1589</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19.orig.tar.gz</a> Size/MD5 checksum: 2799906 622e5843167593c8ea39bf86c66b8fcf <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-2.dsc target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-2.dsc</a> Size/MD5 checksum: 849 27df832e1c58fa0b4ee2fc08ae23eb52 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-2.diff.gz target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-2.diff.gz</a> Size/MD5 checksum: 149924 3135ddae6ed99518ca98cb6dd32f9cf5 alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_alpha.deb</a> Size/MD5 checksum: 107220 cb23c0170e99f97ba4a6328b6c15d4e8 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_alpha.deb</a> Size/MD5 checksum: 131268 264ec9a09e6fd46eb6acb82b6e2e458f <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_alpha.deb</a> Size/MD5 checksum: 690048 6af24b16a70e3eda53cf9b01aeb72abe <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_alpha.deb</a> Size/MD5 checksum: 362862 b0bfc373c7b2b029bdecc32fe3c6b393 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_alpha.deb</a> Size/MD5 checksum: 230516 c613baf2799aca2b10f704c72d65f6dd amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_amd64.deb</a> Size/MD5 checksum: 131736 bd359cba79ae664919f1d28bb7ee7bb9 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_amd64.deb</a> Size/MD5 checksum: 630600 9f2ce6f099ad058ddb7756c6bec0ad04 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_amd64.deb</a> Size/MD5 checksum: 225362 6fad243b75ab8773edac788ae83ff0b2 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_amd64.deb</a> Size/MD5 checksum: 106520 86122035aa23a3ac883a90f2ad206cb3 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_amd64.deb</a> Size/MD5 checksum: 360490 43bf746a2e2d510dc2b42bce0ebfe846 arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_arm.deb</a> Size/MD5 checksum: 126438 8d9a6a49d04b7b718ea4891090590ebe <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_arm.deb</a> Size/MD5 checksum: 213174 5a22f4ddde902b9e62b320d595c717e4 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_arm.deb</a> Size/MD5 checksum: 106410 fa92dc9b78ddafc576c917dc634850f7 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_arm.deb</a> Size/MD5 checksum: 344476 84490df6ef91ef8d59397efd08141adb <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_arm.deb</a> Size/MD5 checksum: 612866 b755daf391dc131cec3cf5170f7ff3ef hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_hppa.deb</a> Size/MD5 checksum: 132206 246544f21eb977706164148ac110fef4 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_hppa.deb</a> Size/MD5 checksum: 656512 278e6530497e001b7af16b8c97259640 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_hppa.deb</a> Size/MD5 checksum: 107496 3c104b63b086ee54e45796cf8f8f5736 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_hppa.deb</a> Size/MD5 checksum: 238066 ec3a5a9b5ed19d8cea6e207b94960b06 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_hppa.deb</a> Size/MD5 checksum: 359052 99da4dbb694efd07fec538b0dfba57da i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_i386.deb</a> Size/MD5 checksum: 215768 065db1534d256efaa0bdbed1d5bc2efa <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_i386.deb</a> Size/MD5 checksum: 106010 d736922f8f98e3655e0d17c47c182911 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_i386.deb</a> Size/MD5 checksum: 610254 7d2f1de6b328363d404e0167b2c3d0b2 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_i386.deb</a> Size/MD5 checksum: 127542 036211c64911322aad9f5afa3c67a8ce <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_i386.deb</a> Size/MD5 checksum: 350172 fbd79c2f46affc6a6daea73b95c5fe4c ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_ia64.deb</a> Size/MD5 checksum: 110354 a086d9e71e7152286ff25d6c28d1c188 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_ia64.deb</a> Size/MD5 checksum: 688004 a39cdbeb7e2bec2db123baf9fb936141 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_ia64.deb</a> Size/MD5 checksum: 286602 c417da9ebd63d8338401253df1194e01 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_ia64.deb</a> Size/MD5 checksum: 361472 3643ac55a03571fa185c4e0700298e82 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_ia64.deb</a> Size/MD5 checksum: 135176 9cdb256571bf9606ed56840a1e88ddb4 mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_mips.deb</a> Size/MD5 checksum: 106622 5f3f9bff564736decdac2c69983211a0 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_mips.deb</a> Size/MD5 checksum: 213366 128a0294b6a09059fedb618371ec9d09 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_mips.deb</a> Size/MD5 checksum: 650424 55eab53a1978e3e2a7c1f7dbd68fc04c <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_mips.deb</a> Size/MD5 checksum: 128934 3d52f0f986dd862e8119eabeca944e35 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_mips.deb</a> Size/MD5 checksum: 371998 8f2ea540fd91ca75559d8589c8855de7 mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_mipsel.deb</a> Size/MD5 checksum: 213564 c405f7eef65b01491758e64551b7977f <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_mipsel.deb</a> Size/MD5 checksum: 624640 9d2b59c3820eb9c99671399f967e0f3e <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_mipsel.deb</a> Size/MD5 checksum: 363788 09bdf35805a2de68a4d1dfe15c28dcfc <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_mipsel.deb</a> Size/MD5 checksum: 106668 2633adeeddc2edc4e36e45a7e4e92c2f <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_mipsel.deb</a> Size/MD5 checksum: 128564 c768001b8441118205f9f513af83e485 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_powerpc.deb</a> Size/MD5 checksum: 611678 3d3acc7b7be03bd0bb2e31dcadf05720 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_powerpc.deb</a> Size/MD5 checksum: 365012 94f6735cc42e233a67fd46df084120ee <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_powerpc.deb</a> Size/MD5 checksum: 108104 bca54d59be466884a5cfde0532a324df <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_powerpc.deb</a> Size/MD5 checksum: 222790 12aef46d1088d93375ab824b73702bc2 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_powerpc.deb</a> Size/MD5 checksum: 130124 37bb5353c81ed15374acc7305cc54839 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_s390.deb</a> Size/MD5 checksum: 106798 0a96df71e63deb7d7124aab48152a5df <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_s390.deb</a> Size/MD5 checksum: 131712 89e70e2d2fadd7b7ec9268d907a62d29 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_s390.deb</a> Size/MD5 checksum: 226596 751b28fafff17f6fcb8b2f4c0df370c0 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_s390.deb</a> Size/MD5 checksum: 601572 85051174031d0ff2c22fb87d1ab759c0 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_s390.deb</a> Size/MD5 checksum: 357722 661c9551483bf52573e52646aaa13b60 sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-2_sparc.deb</a> Size/MD5 checksum: 106330 e6c23ad0752b3c7c22857c935befb984 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-2_sparc.deb</a> Size/MD5 checksum: 129134 e6c3f1402576da329d515d9411f7fd53 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-2_sparc.deb</a> Size/MD5 checksum: 217862 2ce2c27d8de0dc78ee4162b9664f7144 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-2_sparc.deb</a> Size/MD5 checksum: 598868 0acf342e57619d34685f76b879da8891 <a href=http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-2_sparc.deb</a> Size/MD5 checksum: 335962 947c59cd2f23b55b897ded3b31ccc1a6 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2008:0287-01)以及相应补丁: RHSA-2008:0287-01:Important: libxslt security update 链接:<a href=https://www.redhat.com/support/errata/RHSA-2008-0287.html target=_blank>https://www.redhat.com/support/errata/RHSA-2008-0287.html</a> XMLSoft ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://bugzilla.gnome.org/attachment.cgi?id=109216&amp;action=view target=_blank>http://bugzilla.gnome.org/attachment.cgi?id=109216&amp;action=view</a> <a href=http://svn.gnome.org/viewvc/libxslt/trunk/libxslt/pattern.c?r1=1469&amp;r2=1468&amp;pathrev=1469 target=_blank>http://svn.gnome.org/viewvc/libxslt/trunk/libxslt/pattern.c?r1=1469&amp;r2=1468&amp;pathrev=1469</a>
idSSV:3346
last seen2017-11-19
modified2008-05-29
published2008-05-29
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-3346
titlelibxslt XSL文件处理缓冲区溢出漏洞

References