CVE-2014-4607 - Integer Overflow or Wraparound vulnerability in Oberhumer Liblzo2 and Lzo2
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: HIGH
- Integrity impact: HIGH
- Availability impact: HIGH

Summary
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow: This attack forces an integer variable to go out of range. The integer variable is often used as an offset, such as the size of a memory allocation or similar. The attacker would typically control the value of such a variable and try to get it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Nessus
- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2014-173.NASL
- description: Updated busybox packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). Busybox bundles part of the liblzo code, containing the lzo1x_decompress_safe function, which is affected by this issue.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 77652
- published: 2014-09-12
- reporter: This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77652
- title: Mandriva Linux Security Advisory : busybox (MDVSA-2014:173)
- code:

```
#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2014:173.
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

# Description block: plugin metadata (IDs, references, CVSS vectors, dependencies).
if (description)
{
  script_id(77652);
  script_version("1.4");
  script_cvs_date("Date: 2019/08/02 13:32:56");

  script_cve_id("CVE-2014-4607");
  script_bugtraq_id(68213);
  script_xref(name:"MDVSA", value:"2014:173");

  script_name(english:"Mandriva Linux Security Advisory : busybox (MDVSA-2014:173)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Mandriva Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:"Updated busybox packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). Busybox bundles part of the liblzo code, containing the lzo1x_decompress_safe function, which is affected by this issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://advisories.mageia.org/MGASA-2014-0351.html"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected busybox and / or busybox-static packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:busybox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:busybox-static");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Require local checks, a Mandriva host, and a collected RPM list.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);

# Flag the host if an installed busybox package is older than the fixed reference version.
flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"busybox-1.20.2-1.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"busybox-static-1.20.2-1.2.mbs1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-9591.NASL
- description: Fix CVE-2014-4607 by upgrading to minilzo 2.08. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-08-30
- plugin id: 77443
- published: 2014-08-30
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77443
- title: Fedora 20 : distcc-3.2rc1-8.fc20 (2014-9591)

- NASL family: SuSE Local Security Checks
- NASL id: OPENSUSE-2014-463.NASL
- description: bnc#883947: CVE-2014-4607: lzo: DoS or possible RCE by allowing an attacker to change control flow
- last seen: 2020-06-05
- modified: 2014-07-24
- plugin id: 76721
- published: 2014-07-24
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/76721
- title: openSUSE Security Update : lzo / liblzo-2-2 (openSUSE-SU-2014:0922-1)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2015-150.NASL
- description: Updated liblzo packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 82403
- published: 2015-03-30
- reporter: This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/82403
- title: Mandriva Linux Security Advisory : liblzo (MDVSA-2015:150)

- NASL family: Huawei Local Security Checks
- NASL id: EULEROS_SA-2019-1740.NASL
- description: According to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-05-06
- modified: 2019-07-22
- plugin id: 126867
- published: 2019-07-22
- reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/126867
- title: EulerOS 2.0 SP2 : dump (EulerOS-SA-2019-1740)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2014-168.NASL
- description: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The libvncserver library is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code. The x11vnc package is now built against the system libvncserver library to avoid security issues in the bundled copy. The icecream package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 77647
- published: 2014-09-12
- reporter: This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77647
- title: Mandriva Linux Security Advisory : libvncserver (MDVSA-2014:168)

- NASL family: Huawei Local Security Checks
- NASL id: EULEROS_SA-2019-2011.NASL
- description: According to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-05-08
- modified: 2019-09-24
- plugin id: 129204
- published: 2019-09-24
- reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/129204
- title: EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2019-2011)

- NASL family: F5 Networks Local Security Checks
- NASL id: F5_BIGIP_SOL95698826.NASL
- description: An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.
(CVE-2014-4607 - reserved)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 88569
- published: 2016-02-04
- reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/88569
- title: F5 Networks BIG-IP : LZO vulnerability (K95698826)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-7926.NASL
- description: New upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-07-03
- plugin id: 76353
- published: 2014-07-03
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/76353
- title: Fedora 20 : lzo-2.08-1.fc20 (2014-7926)

- NASL family: Red Hat Local Security Checks
- NASL id: REDHAT-RHSA-2014-0979.NASL
- description: An updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters.
This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1491 issue. Upstream acknowledges Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491. This update includes changes to the rhev-hypervisor component : * The most recent build of rhev-hypervisor is included in version 3.4.1. (BZ#1118298) This updated package also provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2014-4699 and CVE-2014-4943 (kernel issues) CVE-2014-4607 (lzo issue) CVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and CVE-2014-1544 (nss and nspr issues) Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 79038
- published: 2014-11-08
- reporter: This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/79038
- title: RHEL 6 : rhev-hypervisor6 (RHSA-2014:0979)

- NASL family: Debian Local Security Checks
- NASL id: DEBIAN_DLA-35.NASL
- description: Fix integer overflow in lzo1x_decompress_safe() allowing denial of service or code execution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2015-03-26
- plugin id: 82183
- published: 2015-03-26
- reporter: This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/82183
- title: Debian DLA-35-1 : lzo2 security update

- NASL family: SuSE Local Security Checks
- NASL id: OPENSUSE-2015-377.NASL
- description: LibVNCServer was updated to version 0.9.10 to fix several security and non-security issues. The following issues were fixed : - Remove xorg-x11-devel from buildRequires, X libraries are not directly used/linked - libvncserver-0.9.10-ossl.patch: Update, do not RAND_load_file(
- last seen: 2020-06-05
- modified: 2015-05-26
- plugin id: 83803
- published: 2015-05-26
- reporter: This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/83803
- title: openSUSE Security Update : LibVNCServer (openSUSE-2015-377)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-16378.NASL
- description: Security fix for CVE-2014-4607. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-12-15
- plugin id: 79938
- published: 2014-12-15
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/79938
- title: Fedora 20 : grub2-2.00-27.fc20 (2014-16378)

- NASL family: Scientific Linux Local Security Checks
- NASL id: SL_20140709_LZO_ON_SL6_X.NASL
- description: An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
- last seen: 2020-03-18
- modified: 2014-07-10
- plugin id: 76448
- published: 2014-07-10
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/76448
- title: Scientific Linux Security Update : lzo on SL6.x i386/srpm/x86_64 (20140709)

- NASL family: FreeBSD Local Security Checks
- NASL id: FREEBSD_PKG_BE5421AB1B5611E4A7675453ED2E2B49.NASL
- description: Albert Aastals Cid reports : krfb embeds libvncserver which embeds liblzo2, it contains various flaws that result in integer overflow problems. This potentially allows a malicious application to create a possible denial of service or code execution. Due to the need to exploit precise details of the target architecture and threading it is unlikely that remote code execution can be achieved in practice.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 76987
- published: 2014-08-04
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/76987
- title: FreeBSD : krfb -- Possible Denial of Service or code execution via integer overflow (be5421ab-1b56-11e4-a767-5453ed2e2b49)

- NASL family: Huawei Local Security Checks
- NASL id: EULEROS_SA-2019-2139.NASL
- description: According to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-05-08
- modified: 2019-11-12
- plugin id: 130848
- published: 2019-11-12
- reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/130848
- title: EulerOS 2.0 SP5 : dump (EulerOS-SA-2019-2139)

- NASL family: Amazon Linux Local Security Checks
- NASL id: ALA_ALAS-2014-373.NASL
- description: An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 78316
- published: 2014-10-12
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/78316
- title: Amazon Linux AMI : lzo (ALAS-2014-373)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-16403.NASL
- description: Security fix for CVE-2014-4607. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-12-15
- plugin id: 79943
- published: 2014-12-15
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/79943
- title: Fedora 21 : grub2-2.02-0.13.fc21 (2014-16403)

- NASL family: Gentoo Local Security Checks
- NASL id: GENTOO_GLSA-201701-14.NASL
- description: The remote host is affected by the vulnerability described in GLSA-201701-14 (LZO: Multiple vulnerabilities) LZO is vulnerable to an integer overflow condition in the “lzo1x_decompress_safe” function which could result in a possible buffer overrun when processing maliciously crafted compressed input data. Impact : A remote attacker could send specially crafted compressed input data possibly resulting in a Denial of Service condition or arbitrary code execution. Workaround : There is no known workaround at this time.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 96245
- published: 2017-01-03
- reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/96245
- title: GLSA-201701-14 : LZO: Multiple vulnerabilities

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-10217.NASL
- description: This updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-09-23
- plugin id: 77785
- published: 2014-09-23
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77785
- title: Fedora 21 : icecream-1.0.1-8.20140822git.fc21 (2014-10217)

- NASL family: Red Hat Local Security Checks
- NASL id: REDHAT-RHSA-2014-0861.NASL
- description: Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 76445
- published: 2014-07-10
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/76445
- title: RHEL 6 / 7 : lzo (RHSA-2014:0861)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-9151.NASL
- description: Avoid possible denial of service or code execution via integer overflow by using (patched) system minilzo (instead of vulnerable bundled copy). See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-08-16
- plugin id: 77225
- published: 2014-08-16
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/77225
- title: Fedora 19 : krfb-4.11.5-3.fc19 (2014-9151)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-9183.NASL
- description: Avoid possible denial of service or code execution via integer overflow by using (patched) system minilzo (instead of vulnerable bundled copy). See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-08-16
- plugin id: 77226
- published: 2014-08-16
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/77226
- title: Fedora 20 : krfb-4.13.3-4.fc20 (2014-9183)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-9632.NASL
- description: Fix CVE-2014-4607 by upgrading to minilzo 2.08. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-08-30
- plugin id: 77446
- published: 2014-08-30
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77446
- title: Fedora 19 : distcc-3.2rc1-4.fc19 (2014-9632)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2015-146.NASL
- description: Updated libvncserver packages fix security vulnerabilities : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607).
The libvncserver library is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code. A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC client (CVE-2014-6051, CVE-2014-6052). A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter (CVE-2014-6053, CVE-2014-6054). A malicious VNC client can trigger multiple stack-based buffer overflows by passing long file and directory names and/or attributes (FileTime) when using the file transfer message feature (CVE-2014-6055).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 82399
- published: 2015-03-30
- reporter: This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/82399
- title: Mandriva Linux Security Advisory : libvncserver (MDVSA-2015:146)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2014-134.NASL
- description: Updated liblzo packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 76470
- published: 2014-07-11
- reporter: This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/76470
- title: Mandriva Linux Security Advisory : liblzo (MDVSA-2014:134)

- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2014-10366.NASL
- description: This updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used.
(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-03-17
- modified: 2014-11-20
- plugin id: 79341
- published: 2014-11-20
- reporter: This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/79341
- title: Fedora 19 : icecream-1.0.1-8.20140822git.fc19 (2014-10366)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2014-181.NASL
- description: Updated dump packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The dump package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 77838
- published: 2014-09-25
- reporter: This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/77838
- title: Mandriva Linux Security Advisory : dump (MDVSA-2014:181)

- NASL family: Oracle Linux Local Security Checks
- NASL id: ORACLELINUX_ELSA-2014-0861.NASL
- description: From Red Hat Security Advisory 2014:0861 : Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm.
An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 76441
- published: 2014-07-10
- reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/76441
- title: Oracle Linux 6 / 7 : lzo (ELSA-2014-0861)

- NASL family: Mandriva Local Security Checks
- NASL id: MANDRIVA_MDVSA-2015-163.NASL
- description: Updated grub2 package fixes security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The grub2 package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 82416
- published: 2015-03-30
- reporter: This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/82416
- title: Mandriva Linux Security Advisory : grub2 (MDVSA-2015:163)

- NASL family: SuSE Local Security Checks
- NASL id: SUSE_11_LIBLZO2-2-140710.NASL
- description: lzo was updated to fix a potential denial of service issue or possible remote code execution by allowing an attacker, if the LZO decompression algorithm is used in a threaded or kernel context, to corrupt memory structures that control the flow of execution in other contexts.
(CVE-2014-4607) last seen 2020-06-05 modified 2014-07-17 plugin id 76558 published 2014-07-17 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76558 title SuSE 11.3 Security Update : lzo (SAT Patch Number 9506) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0861.NASL description Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted. last seen 2020-06-01 modified 2020-06-02 plugin id 76429 published 2014-07-10 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/76429 title CentOS 6 / 7 : lzo (CESA-2014:0861) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1735.NASL description According to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-07-22 plugin id 126862 published 2019-07-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126862 title EulerOS 2.0 SP2 : grub2 (EulerOS-SA-2019-1735) NASL family Fedora Local Security Checks NASL id FEDORA_2014-10468.NASL description This updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-11-20 plugin id 79343 published 2014-11-20 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. 
source https://www.tenable.com/plugins/nessus/79343 title Fedora 20 : icecream-1.0.1-8.20140822git.fc20 (2014-10468) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2300-1.NASL description Don A. Bailey discovered that LZO incorrectly handled certain input data. An attacker could use this issue to cause LZO to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 76784 published 2014-07-25 reporter Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76784 title Ubuntu 12.04 LTS / 14.04 LTS : lzo2 vulnerability (USN-2300-1) NASL family Fedora Local Security Checks NASL id FEDORA_2014-16452.NASL description Security fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-12-17 plugin id 80062 published 2014-12-17 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80062 title Fedora 19 : grub2-2.00-27.fc19 (2014-16452) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2995.NASL description Don A. Bailey from Lab Mouse Security discovered an integer overflow flaw in the way the lzo library decompressed certain archives compressed with the LZO algorithm. 
An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. last seen 2020-03-17 modified 2014-08-04 plugin id 76976 published 2014-08-04 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76976 title Debian DSA-2995-1 : lzo2 - security update NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201503-13.NASL description The remote host is affected by the vulnerability described in GLSA-201503-13 (BusyBox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker can load kernel modules without privileges by nullifying enforced module prefixes. Execution of arbitrary files or a Denial of Service can be caused through the included vulnerable LZO library. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 82314 published 2015-03-30 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82314 title GLSA-201503-13 : BusyBox: Multiple vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2015-1023.NASL description Security fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-02-26 plugin id 81530 published 2015-02-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. 
source https://www.tenable.com/plugins/nessus/81530 title Fedora 21 : dump-0.4-0.24.b44.fc21 (2015-1023) NASL family Fedora Local Security Checks NASL id FEDORA_2015-1007.NASL description Security fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-02-26 plugin id 81529 published 2015-02-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81529 title Fedora 20 : dump-0.4-0.24.b44.fc20 (2015-1007) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2029.NASL description According to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-09-24 plugin id 129222 published 2019-09-24 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/129222 title EulerOS 2.0 SP3 : dump (EulerOS-SA-2019-2029) NASL family Fedora Local Security Checks NASL id FEDORA_2014-7939.NASL description New upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-10-13 plugin id 78383 published 2014-10-13 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78383 title Fedora 19 : lzo-2.08-1.fc19 (2014-7939)
The Hacker News
id | THN:9B30E750177FCE2138C2D9F3C42B178A |
last seen | 2018-01-27 |
modified | 2014-06-27 |
published | 2014-06-27 |
reporter | Mohit Kumar |
source | https://thehackernews.com/2014/06/20-years-old-vulnerability-in-lzo.html |
title | 20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars |
References
- http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
- https://web.archive.org/web/20140701023922/http://www.oberhumer.com/opensource/lzo/