Vulnerabilities > CVE-2014-4607 - Integer Overflow or Wraparound vulnerability in Oberhumer Liblzo2 and Lzo2

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
oberhumer
CWE-190
nessus

Summary

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

Vulnerable Configurations

Part Description Count
Application
Oberhumer
2

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-173.NASL
    descriptionUpdated busybox packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). Busybox bundles part of the liblzo code, containing the lzo1x_decompress_safe function, which is affected by this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id77652
    published2014-09-12
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77652
    titleMandriva Linux Security Advisory : busybox (MDVSA-2014:173)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2014:173. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(77652);
      script_version("1.4");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2014-4607");
      script_bugtraq_id(68213);
      script_xref(name:"MDVSA", value:"2014:173");
    
      script_name(english:"Mandriva Linux Security Advisory : busybox (MDVSA-2014:173)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated busybox packages fix security vulnerability :
    
    An integer overflow in liblzo before 2.07 allows attackers to cause a
    denial of service or possibly code execution in applications using
    performing LZO decompression on a compressed payload from the attacker
    (CVE-2014-4607).
    
    Busybox bundles part of the liblzo code, containing the
    lzo1x_decompress_safe function, which is affected by this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2014-0351.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected busybox and / or busybox-static packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:busybox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:busybox-static");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/09/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"busybox-1.20.2-1.2.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"busybox-static-1.20.2-1.2.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-9591.NASL
    descriptionFix CVE-2014-4607 by upgrading to minilzo 2.08 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-08-30
    plugin id77443
    published2014-08-30
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77443
    titleFedora 20 : distcc-3.2rc1-8.fc20 (2014-9591)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-463.NASL
    descriptionbnc#883947: CVE-2014-4607: lzo: DoS or possible RCE by allowing an attacker to change controllflow
    last seen2020-06-05
    modified2014-07-24
    plugin id76721
    published2014-07-24
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76721
    titleopenSUSE Security Update : lzo / liblzo-2-2 (openSUSE-SU-2014:0922-1)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-150.NASL
    descriptionUpdated liblzo packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607).
    last seen2020-06-01
    modified2020-06-02
    plugin id82403
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82403
    titleMandriva Linux Security Advisory : liblzo (MDVSA-2015:150)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1740.NASL
    descriptionAccording to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-07-22
    plugin id126867
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126867
    titleEulerOS 2.0 SP2 : dump (EulerOS-SA-2019-1740)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-168.NASL
    descriptionAn integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The libvncserver library is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code. The x11vnc packages is now build against the system libvncserver library to avoid security issues in the bundled copy. The icecream packages is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
    last seen2020-06-01
    modified2020-06-02
    plugin id77647
    published2014-09-12
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77647
    titleMandriva Linux Security Advisory : libvncserver (MDVSA-2014:168)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2011.NASL
    descriptionAccording to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-09-24
    plugin id129204
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129204
    titleEulerOS 2.0 SP3 : grub2 (EulerOS-SA-2019-2011)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL95698826.NASL
    descriptionAn integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607 - reserved)
    last seen2020-06-01
    modified2020-06-02
    plugin id88569
    published2016-02-04
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88569
    titleF5 Networks BIG-IP : LZO vulnerability (K95698826)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-7926.NASL
    descriptionNew upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-07-03
    plugin id76353
    published2014-07-03
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76353
    titleFedora 20 : lzo-2.08-1.fc20 (2014-7926)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0979.NASL
    descriptionAn updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1491 issue. Upstream acknowledges Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491. This update includes changes to the rhev-hypervisor component : * The most recent build of rhev-hypervisor is included in version 3.4.1. (BZ#1118298) This updated package also provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2014-4699 and CVE-2014-4943 (kernel issues) CVE-2014-4607 (lzo issue) CVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and CVE-2014-1544 (nss and nspr issues) Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package.
    last seen2020-06-01
    modified2020-06-02
    plugin id79038
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79038
    titleRHEL 6 : rhev-hypervisor6 (RHSA-2014:0979)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-35.NASL
    descriptionFix integer overflow in lzo1x_decompress_safe() allowing denial of service or code execution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-03-26
    plugin id82183
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82183
    titleDebian DLA-35-1 : lzo2 security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-377.NASL
    descriptionLibVNCServer was updated to version 0.9.10 to fix several security and non-security issues. The following issues were fixed : - Remove xorg-x11-devel from buildRequires, X libraries are not directly used/linked - libvncserver-0.9.10-ossl.patch: Update, do not RAND_load_file(
    last seen2020-06-05
    modified2015-05-26
    plugin id83803
    published2015-05-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83803
    titleopenSUSE Security Update : LibVNCServer (openSUSE-2015-377)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-16378.NASL
    descriptionSecurity fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-15
    plugin id79938
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79938
    titleFedora 20 : grub2-2.00-27.fc20 (2014-16378)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140709_LZO_ON_SL6_X.NASL
    descriptionAn integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
    last seen2020-03-18
    modified2014-07-10
    plugin id76448
    published2014-07-10
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76448
    titleScientific Linux Security Update : lzo on SL6.x i386/srpm/x86_64 (20140709)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_BE5421AB1B5611E4A7675453ED2E2B49.NASL
    descriptionAlbert Aastals Cid reports : krfb embeds libvncserver which embeds liblzo2, it contains various flaws that result in integer overflow problems. This potentially allows a malicious application to create a possible denial of service or code execution. Due to the need to exploit precise details of the target architecture and threading it is unlikely that remote code execution can be achieved in practice.
    last seen2020-06-01
    modified2020-06-02
    plugin id76987
    published2014-08-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76987
    titleFreeBSD : krfb -- Possible Denial of Service or code execution via integer overflow (be5421ab-1b56-11e4-a767-5453ed2e2b49)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2139.NASL
    descriptionAccording to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-11-12
    plugin id130848
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130848
    titleEulerOS 2.0 SP5 : dump (EulerOS-SA-2019-2139)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2014-373.NASL
    descriptionAn integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607)
    last seen2020-06-01
    modified2020-06-02
    plugin id78316
    published2014-10-12
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78316
    titleAmazon Linux AMI : lzo (ALAS-2014-373)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-16403.NASL
    descriptionSecurity fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-15
    plugin id79943
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79943
    titleFedora 21 : grub2-2.02-0.13.fc21 (2014-16403)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-14.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-14 (LZO: Multiple vulnerabilities) LZO is vulnerable to an integer overflow condition in the “lzo1x_decompress_safe” function which could result in a possible buffer overrun when processing maliciously crafted compressed input data. Impact : A remote attacker could send specially crafted compressed input data possibly resulting in a Denial of Service condition or arbitrary code execution. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96245
    published2017-01-03
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96245
    titleGLSA-201701-14 : LZO: Multiple vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10217.NASL
    descriptionThis updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-09-23
    plugin id77785
    published2014-09-23
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77785
    titleFedora 21 : icecream-1.0.1-8.20140822git.fc21 (2014-10217)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0861.NASL
    descriptionUpdated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id76445
    published2014-07-10
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76445
    titleRHEL 6 / 7 : lzo (RHSA-2014:0861)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-9151.NASL
    descriptionAvoid possible denial of service or code execution via integer overflow by using (patched) system minilzo (instead of vulnerable bundled copy). See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-08-16
    plugin id77225
    published2014-08-16
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77225
    titleFedora 19 : krfb-4.11.5-3.fc19 (2014-9151)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-9183.NASL
    descriptionAvoid possible denial of service or code execution via integer overflow by using (patched) system minilzo (instead of vulnerable bundled copy). See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-08-16
    plugin id77226
    published2014-08-16
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77226
    titleFedora 20 : krfb-4.13.3-4.fc20 (2014-9183)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-9632.NASL
    descriptionFix CVE-2014-4607 by upgrading to minilzo 2.08 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-08-30
    plugin id77446
    published2014-08-30
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77446
    titleFedora 19 : distcc-3.2rc1-4.fc19 (2014-9632)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-146.NASL
    descriptionUpdated libvncserver packages fix security vulnerabilities : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The libvncserver library is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code. A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC client (CVE-2014-6051, CVE-2014-6052). A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter (CVE-2014-6053, CVE-2014-6054). A malicious VNC client can trigger multiple stack-based buffer overflows by passing a long file and directory names and/or attributes (FileTime) when using the file transfer message feature (CVE-2014-6055).
    last seen2020-06-01
    modified2020-06-02
    plugin id82399
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82399
    titleMandriva Linux Security Advisory : libvncserver (MDVSA-2015:146)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-134.NASL
    descriptionUpdated liblzo packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607).
    last seen2020-06-01
    modified2020-06-02
    plugin id76470
    published2014-07-11
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76470
    titleMandriva Linux Security Advisory : liblzo (MDVSA-2014:134)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10366.NASL
    descriptionThis updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-20
    plugin id79341
    published2014-11-20
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79341
    titleFedora 19 : icecream-1.0.1-8.20140822git.fc19 (2014-10366)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-181.NASL
    descriptionUpdated dump packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The dump package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
    last seen2020-06-01
    modified2020-06-02
    plugin id77838
    published2014-09-25
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77838
    titleMandriva Linux Security Advisory : dump (MDVSA-2014:181)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0861.NASL
    descriptionFrom Red Hat Security Advisory 2014:0861 : Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id76441
    published2014-07-10
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76441
    titleOracle Linux 6 / 7 : lzo (ELSA-2014-0861)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-163.NASL
    descriptionUpdated grub2 package fixes security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607). The grub2 package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
    last seen2020-06-01
    modified2020-06-02
    plugin id82416
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82416
    titleMandriva Linux Security Advisory : grub2 (MDVSA-2015:163)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBLZO2-2-140710.NASL
    descriptionlzo was updated to fix a potential denial of service issue or possible remote code execution by allowing an attacker, if the LZO decompression algorithm is used in a threaded or kernel context, to corrupt memory structures that control the flow of execution in other contexts. (CVE-2014-4607)
    last seen2020-06-05
    modified2014-07-17
    plugin id76558
    published2014-07-17
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76558
    titleSuSE 11.3 Security Update : lzo (SAT Patch Number 9506)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0861.NASL
    descriptionUpdated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id76429
    published2014-07-10
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76429
    titleCentOS 6 / 7 : lzo (CESA-2014:0861)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1735.NASL
    descriptionAccording to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-07-22
    plugin id126862
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126862
    titleEulerOS 2.0 SP2 : grub2 (EulerOS-SA-2019-1735)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10468.NASL
    descriptionThis updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. (CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-20
    plugin id79343
    published2014-11-20
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79343
    titleFedora 20 : icecream-1.0.1-8.20140822git.fc20 (2014-10468)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2300-1.NASL
    descriptionDon A. Bailey discovered that LZO incorrectly handled certain input data. An attacker could use this issue to cause LZO to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id76784
    published2014-07-25
    reporterUbuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76784
    titleUbuntu 12.04 LTS / 14.04 LTS : lzo2 vulnerability (USN-2300-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-16452.NASL
    descriptionSecurity fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-17
    plugin id80062
    published2014-12-17
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80062
    titleFedora 19 : grub2-2.00-27.fc19 (2014-16452)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2995.NASL
    descriptionDon A. Bailey from Lab Mouse Security discovered an integer overflow flaw in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.
    last seen2020-03-17
    modified2014-08-04
    plugin id76976
    published2014-08-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76976
    titleDebian DSA-2995-1 : lzo2 - security update
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201503-13.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201503-13 (BusyBox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker can load kernel modules without privileges by nullifying enforced module prefixes. Execution of arbitrary files or a Denial of Service can be caused through the included vulnerable LZO library. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id82314
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82314
    titleGLSA-201503-13 : BusyBox: Multiple vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-1023.NASL
    descriptionSecurity fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-02-26
    plugin id81530
    published2015-02-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81530
    titleFedora 21 : dump-0.4-0.24.b44.fc21 (2015-1023)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-1007.NASL
    descriptionSecurity fix for CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-02-26
    plugin id81529
    published2015-02-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81529
    titleFedora 20 : dump-0.4-0.24.b44.fc20 (2015-1007)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2029.NASL
    descriptionAccording to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.(CVE-2014-4607) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-09-24
    plugin id129222
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129222
    titleEulerOS 2.0 SP3 : dump (EulerOS-SA-2019-2029)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-7939.NASL
    descriptionNew upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-10-13
    plugin id78383
    published2014-10-13
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78383
    titleFedora 19 : lzo-2.08-1.fc19 (2014-7939)

Redhat

advisories
bugzilla
id1112418
titleCVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 6 is installed
      ovaloval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • commentlzo is earlier than 0:2.03-3.1.el6_5.1
          ovaloval:com.redhat.rhsa:tst:20140861001
        • commentlzo is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861002
      • AND
        • commentlzo-devel is earlier than 0:2.03-3.1.el6_5.1
          ovaloval:com.redhat.rhsa:tst:20140861003
        • commentlzo-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861004
      • AND
        • commentlzo-minilzo is earlier than 0:2.03-3.1.el6_5.1
          ovaloval:com.redhat.rhsa:tst:20140861005
        • commentlzo-minilzo is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861006
  • AND
    • commentRed Hat Enterprise Linux 7 is installed
      ovaloval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • commentlzo-minilzo is earlier than 0:2.06-6.el7_0.2
          ovaloval:com.redhat.rhsa:tst:20140861008
        • commentlzo-minilzo is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861006
      • AND
        • commentlzo is earlier than 0:2.06-6.el7_0.2
          ovaloval:com.redhat.rhsa:tst:20140861009
        • commentlzo is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861002
      • AND
        • commentlzo-devel is earlier than 0:2.06-6.el7_0.2
          ovaloval:com.redhat.rhsa:tst:20140861010
        • commentlzo-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20140861004
rhsa
idRHSA-2014:0861
released2014-07-09
severityModerate
titleRHSA-2014:0861: lzo security update (Moderate)
rpms
  • lzo-0:2.03-3.1.el6_5.1
  • lzo-0:2.06-6.el7_0.2
  • lzo-debuginfo-0:2.03-3.1.el6_5.1
  • lzo-debuginfo-0:2.06-6.el7_0.2
  • lzo-devel-0:2.03-3.1.el6_5.1
  • lzo-devel-0:2.06-6.el7_0.2
  • lzo-minilzo-0:2.03-3.1.el6_5.1
  • lzo-minilzo-0:2.06-6.el7_0.2

The Hacker News

idTHN:9B30E750177FCE2138C2D9F3C42B178A
last seen2018-01-27
modified2014-06-27
published2014-06-27
reporterMohit Kumar
sourcehttps://thehackernews.com/2014/06/20-years-old-vulnerability-in-lzo.html
title20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars