Vigil@nce - Perl Convert-UUlib: buffer overflow of UURepairData
January 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can use malformed encoded data, in order to generate a
buffer overflow of one byte, leading to a denial of service and
possibly to code execution.
Severity: 2/4
Creation date: 21/01/2011
IMPACTED PRODUCTS
– Fedora
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The Perl Convert::UUlib module encodes and decodes several
formats: UUencode, Base64, Binhex, Quoted-Printable, etc.
The UURepairData function tries to repair malformed data. However,
this function can write one byte past the end of the storage array.
An attacker can therefore use malformed data, in order to generate
a buffer overflow of one byte, leading to a denial of service and
possibly to code execution.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Perl-Convert-UUlib-buffer-overflow-of-UURepairData-10291