Vulnerability Bulletins

int(3924)

Vulnerability Bulletins

Múltiples vulnerabilidades en Mapserver
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Experto
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	Mapserver < 4.10.3
Description
Se han descubierto múltiples vulnerabilidades en Mapserver 4.10.2 y anteriores. Las vulnerabilidades son descritas a continuación: - CVE-2007-4542: Se ha descubierto una vulnerabilidad de tipo Cross-Site Scripting. La vulnerabilidad reside en un error en la validación de la entrada y en el escape de la salida al manejar el template CGI. Un atacante remoto podría inyectar código arbitrario javaScript o HTML mediante métodos no especificados relacionados con la función "processLine()" del fichero "maptemplate.c" y la función "writeError()" del fichero "mapserv.c". - CVE-2007-4629: Se ha descubierto una vulnerabilidad de tipo desbordamiento de pila. La vulnerabilidad reside en un error en la comprobación de los límites al manejar el template. El error se encuentra en la función "processLine()" del fichero "maptemplate.c". Un atacante remoto podría ejecutar código arbitrario con privilegios del usuario "CGI" o "httpd" mediante un "mapfile" con un nombre de capa, un nombre de grupo o un nombre de entrada de metadato largo.
Solution
Actualización de software Debian (DSA-1539-1) Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch2.dsc http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0.orig.tar.gz http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch2.diff.gz Architecture independent packages: http://security.debian.org/pool/updates/main/m/mapserver/mapserver-doc_4.10.0-5.1+etch2_all.deb alpha (DEC Alpha) http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_alpha.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_alpha.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_alpha.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_alpha.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_alpha.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_alpha.deb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_amd64.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_amd64.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_amd64.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_amd64.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_amd64.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_amd64.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_hppa.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_hppa.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_hppa.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_hppa.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_hppa.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_hppa.deb i386 (Intel ia32) http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_i386.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_i386.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_i386.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_i386.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_i386.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_ia64.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_ia64.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_ia64.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_ia64.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_ia64.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_ia64.deb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_mips.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_mips.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_mips.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_mips.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_mips.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_mips.deb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_powerpc.deb s390 (IBM S/390) http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_s390.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_s390.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_s390.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_s390.deb http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_s390.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_s390.deb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/m/mapserver/python-mapscript_4.10.0-5.1+etch2_sparc.deb http://security.debian.org/pool/updates/main/m/mapserver/perl-mapscript_4.10.0-5.1+etch2_sparc.deb http://security.debian.org/pool/updates/main/m/mapserver/php5-mapscript_4.10.0-5.1+etch2_sparc.deb http://security.debian.org/pool/updates/main/m/mapserver/php4-mapscript_4.10.0-5.1+etch2_sparc.deb http://security.debian.org/pool/updates/main/m/mapserver/mapserver-bin_4.10.0-5.1+etch2_sparc.deb http://security.debian.org/pool/updates/main/m/mapserver/cgi-mapserver_4.10.0-5.1+etch2_sparc.deb
Standar resources
Property	Value
CVE	CVE-2007-4542 CVE-2007-4629
BID	25582
Other resources
Debian Security Advisory (DSA-1539-1) http://lists.debian.org/debian-security-announce/2008/msg00109.html

Version history
Version	Comments	Date
1.0	Aviso emitido	2008-04-14

Vulnerability Bulletins

Múltiples vulnerabilidades en Mapserver

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history