#VU824 Arbitrary code execution in FreeBSD
Published: October 10, 2016 / Updated: October 11, 2016
Vulnerability identifier: #VU824
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: N/A
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
FreeBSD
FreeBSD
Software vendor:
FreeBSD Foundation
FreeBSD Foundation
Description
The vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness occurs in bspatch and exists due to insufficient input validation. By creating and sending a specially crafted patch file attackers can trigger a heap overflow and execute arbitrary code.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
The weakness occurs in bspatch and exists due to insufficient input validation. By creating and sending a specially crafted patch file attackers can trigger a heap overflow and execute arbitrary code.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Update patched versions
https://security.FreeBSD.org/patches/SA-16:29/bspatch.patch
https://security.FreeBSD.org/patches/SA-16:29/bspatch.patch