Vulnerabilities > CVE-2008-2142 - Unspecified vulnerability in GNU Emacs and Xemacs
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_XEMACS-PACKAGES-5303.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142) last seen 2020-06-01 modified 2020-06-02 plugin id 51766 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51766 title SuSE 10 Security Update : XEmacs (ZYPP Patch Number 5303) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51766); script_version ("1.5"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2008-2142"); script_name(english:"SuSE 10 Security Update : XEmacs (ZYPP Patch Number 5303)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-2142.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 5303."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"xemacs-packages-20051208-18.8")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"xemacs-packages-info-20051208-18.8")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");NASL family SuSE Local Security Checks NASL id SUSE9_12157.NASL description Emacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142) last seen 2020-06-01 modified 2020-06-02 plugin id 41212 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41212 title SuSE9 Security Update : Emacs (YOU Patch Number 12157) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41212); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:31"); script_cve_id("CVE-2008-2142"); script_name(english:"SuSE9 Security Update : Emacs (YOU Patch Number 12157)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Emacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-2142.html" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12157."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"emacs-21.3-185.15")) flag++; if (rpm_check(release:"SUSE9", reference:"emacs-el-21.3-185.15")) flag++; if (rpm_check(release:"SUSE9", reference:"emacs-info-21.3-185.15")) flag++; if (rpm_check(release:"SUSE9", reference:"emacs-nox-21.3-185.15")) flag++; if (rpm_check(release:"SUSE9", reference:"emacs-x11-21.3-185.15")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");NASL family Fedora Local Security Checks NASL id FEDORA_2008-5446.NASL description - Wed Jun 18 2008 Ville Skytta <ville.skytta at iki.fi> - 20070427-2 - Apply upstream security fix for CVE-2008-2142 (#446069). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33233 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33233 title Fedora 9 : xemacs-packages-extra-20070427-2.fc9 (2008-5446) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-5446. # include("compat.inc"); if (description) { script_id(33233); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-2142"); script_bugtraq_id(29176); script_xref(name:"FEDORA", value:"2008-5446"); script_name(english:"Fedora 9 : xemacs-packages-extra-20070427-2.fc9 (2008-5446)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Wed Jun 18 2008 Ville Skytta <ville.skytta at iki.fi> - 20070427-2 - Apply upstream security fix for CVE-2008-2142 (#446069). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=446069" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/011479.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?0208b3b7" ); script_set_attribute( attribute:"solution", value:"Update the affected xemacs-packages-extra package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:ND"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xemacs-packages-extra"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9"); script_set_attribute(attribute:"patch_publication_date", value:"2008/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/06/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC9", reference:"xemacs-packages-extra-20070427-2.fc9")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xemacs-packages-extra"); }NASL family SuSE Local Security Checks NASL id SUSE_XEMACS-PACKAGES-5249.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files (CVE-2008-2142). last seen 2020-06-01 modified 2020-06-02 plugin id 32441 published 2008-05-23 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32441 title openSUSE 10 Security Update : xemacs-packages (xemacs-packages-5249) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update xemacs-packages-5249. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(32441); script_version ("1.7"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2008-2142"); script_name(english:"openSUSE 10 Security Update : xemacs-packages (xemacs-packages-5249)"); script_summary(english:"Check for the xemacs-packages-5249 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files (CVE-2008-2142)." ); script_set_attribute( attribute:"solution", value:"Update the affected xemacs-packages packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xemacs-packages"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xemacs-packages-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xemacs-packages-info"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1|SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2 / 10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"xemacs-packages-20051208-18.7") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"xemacs-packages-el-20051208-18.7") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"xemacs-packages-info-20051208-18.7") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"xemacs-packages-20060510-30") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"xemacs-packages-el-20060510-30") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"xemacs-packages-info-20060510-30") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"xemacs-packages-20070427-27.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"xemacs-packages-el-20070427-27.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"xemacs-packages-info-20070427-27.2") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xemacs-packages / xemacs-packages-el / xemacs-packages-info"); }NASL family Fedora Local Security Checks NASL id FEDORA_2008-5504.NASL description - Wed Jun 18 2008 Ville Skytta <ville.skytta at iki.fi> - 20070427-2 - Apply upstream security fix for CVE-2008-2142 (#446069). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33237 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33237 title Fedora 8 : xemacs-packages-extra-20070427-2.fc8 (2008-5504) NASL family SuSE Local Security Checks NASL id SUSE_EMACS-5297.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142) last seen 2020-06-01 modified 2020-06-02 plugin id 41503 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41503 title SuSE 10 Security Update : Emacs (ZYPP Patch Number 5297) NASL family SuSE Local Security Checks NASL id SUSE_EMACS-5247.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files (CVE-2008-2142). last seen 2020-06-01 modified 2020-06-02 plugin id 32439 published 2008-05-23 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32439 title openSUSE 10 Security Update : emacs (emacs-5247) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200902-06.NASL description The remote host is affected by the vulnerability described in GLSA-200902-06 (GNU Emacs, XEmacs: Multiple vulnerabilities) Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142). Romain Francoise reported a security risk in a feature of GNU Emacs related to interacting with Python. The vulnerability arises because Python, by default, prepends the current directory to the module search path, allowing for arbitrary code execution when launched from a specially crafted directory (CVE-2008-3949). Impact : Remote attackers could entice a user to open a specially crafted file in GNU Emacs, possibly leading to the execution of arbitrary Emacs Lisp code or arbitrary Python code with the privileges of the user running GNU Emacs or XEmacs. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 35732 published 2009-02-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35732 title GLSA-200902-06 : GNU Emacs, XEmacs: Multiple vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-153.NASL description A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs (CVE-2008-2142). The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 37529 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/37529 title Mandriva Linux Security Advisory : emacs (MDVSA-2008:153) NASL family SuSE Local Security Checks NASL id SUSE_EMACS-5248.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142) last seen 2020-06-01 modified 2020-06-02 plugin id 32440 published 2008-05-23 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32440 title SuSE 10 Security Update : Emacs (ZYPP Patch Number 5248) NASL family SuSE Local Security Checks NASL id SUSE_XEMACS-PACKAGES-5250.NASL description Xemacs automatically loaded fast-lock files which allowed local attackers to execute arbitrary code as the user editing the associated files. (CVE-2008-2142) last seen 2020-06-01 modified 2020-06-02 plugin id 32502 published 2008-06-02 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32502 title SuSE 10 Security Update : XEmacs (ZYPP Patch Number 5250)
References
- http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html
- http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
- http://secunia.com/advisories/30199
- http://secunia.com/advisories/30216
- http://secunia.com/advisories/30303
- http://secunia.com/advisories/30581
- http://secunia.com/advisories/30827
- http://secunia.com/advisories/34004
- http://security.gentoo.org/glsa/glsa-200902-06.xml
- http://thread.gmane.org/gmane.emacs.devel/96903
- http://tracker.xemacs.org/XEmacs/its/issue378
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:153
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:154
- http://www.securityfocus.com/archive/1/492657/100/0/threaded
- http://www.securityfocus.com/bid/29176
- http://www.securitytracker.com/id?1020019
- http://www.vupen.com/english/advisories/2008/1539/references
- http://www.vupen.com/english/advisories/2008/1540/references
- https://bugs.gentoo.org/show_bug.cgi?id=221197
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42362
- https://issues.rpath.com/browse/RPL-2529
- https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html
- https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html