Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > System crack > Content
Hot Articles
GeoVision Digital Video
Adobe Acrobat and the Re
Samba group_mapping.tdb/
The Sleuth Kit - UNIX-ba
Marvell 88W8361P-BEM1 ch
CS-Cart core / user.php
phpBB Small ShoutBox mod
Outlook Web Access for E
FlexCell Grid ActiveX co
PHP error_log bypasses t
Apple Bonjour for Window
nginx file type error pa
DedeCMS V5.5 Final GetWe
Details of PHP code exec
The VMware 2008-0014 ren
Recommend Articles
Mozilla the Firefox 2.0.
DC++ many long-distance
VLC the media player WAV
The Wireshark 1.0.1 edit
Wordpress XML-RPC connec
ServerView Web connectio
PCRE the pcre_compile.c
phpMyAdmin long-distance
Panda the ActiveScan lon
BlueZ the SDP load handl
1024 CMS many documents
WeFi journal file local
vBulletin adminlog.php r
Microsoft Windows DNS se
Adobe RoboHelp Server he
New Articles
DiY - brief loophole ana
Freefloat FTP Server ove
I can with Apache endeav
HP - UX NFS/ONCplus unkn
HP - UX FTPD remote deni
HP - UX DCE can send acr
HP - UX 'useradd' local
HP - UX swagentd remote
HP - UX Numbers local de
HP - UX System under the
HP - UX 'FTPD' unknown r
HP TCP/IP Services for c
From Solaris NFS pages f
From Solaris XScreenSave
Sun Solaris Auditing Ext
PCRE the pcre_compile.c document piles the overflow crack
  Add date: 07/10/2008   Publishing date: 07/10/2008   Hits: 108
Total 4 pages, Current page:1, Jump to page:
 

Issues the date: 2008-06-29
Renewal date: 2008-07-07

Is affected the system:
PCRE PCRE 7.7
Description:
--------------------------------------------------------------------------------
CVE(CAN) ID: CVE-2008-2371

PCRE (Perl compatible regular expression) the storehouse is the open source code software, may provide the regular expression support.

When PCRE in the start pattern (pattern) assigns the option time, to prevent it nonessential translation syllabified code, meets the way which like the pcre_compile() option assigns to transmit the calling program (is also/(? i) a|b/== /a|b/i). If the pattern contains has many branch, on associative compound outside new option feedback excessively far, only had the first branch to obtain the new mark, but in second translation transmission time has established the new mark, caused between the size computation transmission and the actual translation transmission appears does not match, this possible to trigger piles the overflow.

<* origin: Tavis Ormandy (taviso@gentoo.org)
 
  Link: http://secunia.com/advisories/30916/
        http://bugs.gentoo.org/show_bug.cgi?format=multiple&id=228091
        http://secunia.com/advisories/30944/
        http://www.debian.org/security/2008/dsa-1602
*>

Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:

Debian
------
Debian had already issued a safe announcement for this reason (DSA-1602-1) as well as the corresponding patch:
DSA-1602-1:New pcre3 packages fix arbitrary code execution
Link: http://www.debian.org/security/2008/dsa-1602

Patch downloading:

Source archives:

http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-4.dsc
Size/MD5 checksum:      888 9ef88cd7ab592b3799211018f8d20f63
http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-4.diff.gz
Size/MD5 checksum:    83574 2d9686b5b3a5480aa528bd89cdea12a6
http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz
Size/MD5 checksum:  1106897 de886b22cddc8eaf620a421d3041ee0b

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_alpha.deb
Size/MD5 checksum:    21038 72545720bee988d70381cf56ac08ab3e
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_alpha.deb
Size/MD5 checksum:    91302 039876d52014e88686119445734f6ec7
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_alpha.deb
Size/MD5 checksum:   264154 19f60bc08e3f2a5d8ca305851f44ef55
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_alpha.deb
Size/MD5 checksum:   209168 f19f07f81f4b9259c7b061faf7d9fc7c

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_amd64.deb
Size/MD5 checksum:    89984 c92634b92f00d7f41991d58d3ad690bc

 

Other pages: : 1 * 2 * 3 * 4 * Next>>
Prev:ServerView Web connection stack overflow crack Next:phpMyAdmin long-distance cross station script crack

Comment:

Category: Home > System crack
Home