ID

VAR-201606-0135

CVE

CVE-2016-5300

TITLE

Expat of XML Service disruption in parsers (DoS) Vulnerabilities

DESCRIPTION

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876. The Expat library is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable XML parsing library. From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <57683228.8060901@canonical.com> Subject: [USN-3013-1] XML-RPC for C and C++ vulnerabilities ============================================================================ Ubuntu Security Notice USN-3013-1 June 20, 2016 xmlrpc-c vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Several security issues were fixed in XML-RPC for C and C++. Software Description: - xmlrpc-c: Lightweight RPC library based on XML and HTTP Details: It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702) It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300) Gustavo Grieco discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. (CVE-2016-0718) It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. (CVE-2015-1283, CVE-2016-4472) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: libxmlrpc-c++4 1.16.33-3.1ubuntu5.2 libxmlrpc-core-c3 1.16.33-3.1ubuntu5.2 After a standard system upgrade you need to restart any applications linked against XML-RPC for C and C++ to effect the necessary changes. References: http://www.ubuntu.com/usn/usn-3013-1 CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300 Package Information: https://launchpad.net/ubuntu/+source/xmlrpc-c/1.16.33-3.1ubuntu5.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3597-1 security@debian.org https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : expat CVE ID : CVE-2012-6702 CVE-2016-5300 Two related issues have been discovered in Expat, a C library for parsing XML. CVE-2012-6702 It was introduced when CVE-2012-0876 was addressed. Stefan Sørensen discovered that the use of the function XML_Parse() seeds the random number generator generating repeated outputs for rand() calls. CVE-2016-5300 It is the product of an incomplete solution for CVE-2012-0876. You might need to manually restart programs and services using expat libraries. For the stable distribution (jessie), these problems have been fixed in version 2.1.0-6+deb8u3. For the unstable distribution (sid), these problems have been fixed in version 2.1.1-3. We recommend that you upgrade your expat packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXVvdDAAoJEG7C3vaP/jd0YQoP/iNI/wcPsJl1Dzji5NiBhaAJ 9QXYxekJEusKQgUE4odgqfR58knCN9KX0YPw7lg1hWxkD2UEgwBMT9uKzXeojBdS 4mvh9kZquA5Uizy4gXaoo/lVzUYfRCrFBiWaH3vT6ta+Se9fb0wq5GZq1Ad7FRrK 70YSv5yuu0jkA9KU9AspJt0d44nqdfiNCOl6mjW768pDs4B7jKxWmryI+ziWTWmG ZJH4TlUMBwYZ7vxe3+1t/3aHzyHfg+hjkWIpKvR9TsFnnKxcYyecCHjOh57ytCBF Kr4TD46oyzHxMYR4GR0ig1bsbmcZOpS78OH5h0aikRta/DzFwvP027YSBp+DlhD1 J9iKPySdykU4Ks4qgc1Ywe2J04pIzdyfJwWAaOug+rMJIT06ft+Md8GPm+LxtZLv n67DgIqGEvLoBneC9UUP4Qmz/uFbX2F0ILi69j1PZf6d8WrrSX2UM9azvXGr+YyA 3AHPp/uH20NvytJkTTV6IC0EbQ2HdxprEhRCLb5ggh8rNVU0ozM+/OkNjNzXlHmV WzeVej+DqTuHYDbvBAYKvQ9G+DgqX3gHm2+OHFz/j16WLhP9+o54Pb7zL7spToG0 xIxU8l2e8rsjTvJNN3Qja4p6mJrUblKW3Mxm28sKgfy/EPWXCAwFRy1/aPVxAISd qKokFSeLrpmmON44o5ah =Au1C -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-03-22-1 iTunes for Windows 12.6 iTunes for Windows 12.6 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: Multiple issues in SQLite Description: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2. These issues were addressed by updating expat to version 2.2.0. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Expat: Multiple vulnerabilities Date: January 11, 2017 Bugs: #458742, #555642, #577928, #583268, #585510 ID: 201701-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Expat, the worst of which may allow execution of arbitrary code. Background ========== Expat is a set of XML parsing libraries. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/expat < 2.2.0-r1 >= 2.2.0-r1 Description =========== Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker, by enticing a user to process a specially crafted XML file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. This attack could also be used against automated systems that arbitrarily process XML files. Workaround ========== There is no known workaround at this time. Resolution ========== All Expat users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/expat-2.2.0-r1" References ========== [ 1 ] CVE-2012-6702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6702 [ 2 ] CVE-2013-0340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0340 [ 3 ] CVE-2015-1283 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1283 [ 4 ] CVE-2016-0718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0718 [ 5 ] CVE-2016-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4472 [ 6 ] CVE-2016-5300 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5300 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-21 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

resource management error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Daniel Micay

SOURCES

LAST UPDATE DATE

2024-04-20T22:51:16.319000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE