Vulnerability CVE-2008-3916

Vulnerability Name:

CVE-2008-3916 (CCN-44643)

Assigned:

2008-06-30

Published:

2008-06-30

Updated:

2018-10-11

Summary:

Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename.
Note: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119
CWE-122

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-3916

Source: MLIST
Type: UNKNOWN
[bug-ed] 20080821 Version 1.0 of GNU ed released

Source: SUSE
Type: UNKNOWN
SUSE-SR:2011:002

Source: CCN
Type: VMware Security Announcements
VMSA-2010-0004 ESX Service Console and vMA third party updates

Source: MLIST
Type: UNKNOWN
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

Source: CCN
Type: RHSA-2008-0946
Moderate: ed security update

Source: SECUNIA
Type: UNKNOWN
32349

Source: SECUNIA
Type: UNKNOWN
32460

Source: CCN
Type: SA33005
Avaya Products ed "strip_escapes()" Buffer Overflow Security Issue

Source: SECUNIA
Type: UNKNOWN
33005

Source: CCN
Type: SA38794
VMware vMA Update for Multiple Packages

Source: SECUNIA
Type: UNKNOWN
38794

Source: SECUNIA
Type: UNKNOWN
43068

Source: GENTOO
Type: UNKNOWN
GLSA-200809-15

Source: CCN
Type: SECTRACK ID: 1020734
GNU ed Heap Overflow in strip_escapes() Lets Remote Users Execute Arbitrary Code

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2008-461.htm

Source: CCN
Type: ASA-2008-461
ed security update (RHSA-2008-0946)

Source: CCN
Type: GLSA-200809-15
GNU ed: User-assisted execution of arbitrary code

Source: CCN
Type: GNU Web site
ed - A line-oriented text editor

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:200

Source: CCN
Type: gnu-announce Mailing List, Aug 21, 2008 12:20
Version 1.0 of GNU ed released

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0946

Source: BUGTRAQ
Type: UNKNOWN
20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed

Source: BID
Type: UNKNOWN
30815

Source: CCN
Type: BID-30815
GNU ed File Processing 'strip_escapes()' Heap Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020734

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2009-0003.html

Source: VUPEN
Type: UNKNOWN
ADV-2008-2642

Source: VUPEN
Type: UNKNOWN
ADV-2008-3347

Source: VUPEN
Type: UNKNOWN
ADV-2010-0528

Source: VUPEN
Type: UNKNOWN
ADV-2011-0212

Source: XF
Type: UNKNOWN
gnued-stripescapes-bo(44643)

Source: XF
Type: UNKNOWN
gnued-stripescapes-bo(44643)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10678

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-9236

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-9263

Source: SUSE
Type: SUSE-SR:2011:002
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:ed:0.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.9:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:ed:0.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:ed:0.9:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:vma:4.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42295	P	Security update for pcre2 (Important)	2022-05-30
oval:org.opensuse.security:def:20083916	V	CVE-2008-3916	2022-05-20
oval:org.opensuse.security:def:31375	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:31722	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:33057	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:32228	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:32227	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:26170	P	Security update for postgresql12 (Important)	2021-11-22
oval:org.opensuse.security:def:33040	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:33734	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:26156	P	Security update for open-lldp (Moderate)	2021-10-26
oval:org.opensuse.security:def:33013	P	Security update for gd (Moderate)	2021-09-23
oval:org.opensuse.security:def:26117	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:32990	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:32175	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:31668	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31665	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:31243	P	Security update for cpio (Important)	2021-08-14
oval:org.opensuse.security:def:33695	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:42096	P	Security update for lua53 (Moderate)	2021-06-29
oval:org.opensuse.security:def:32131	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:32951	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:26068	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36116	P	ed-0.2-1001.30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42523	P	ed-0.2-1001.30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32109	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31169	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:31158	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31611	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31157	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32070	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:28964	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:26214	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:31367	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:31356	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:31355	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:28947	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:33079	P	Security update for ImageMagick (Moderate)	2021-02-19
oval:org.opensuse.security:def:32239	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:32248	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:26091	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:32902	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:32192	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:25972	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:28859	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:35689	P	ed-0.2-1001.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35888	P	ed-0.2-1001.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32545	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25919	P	Security update for libplist (Moderate)	2020-12-01
oval:org.opensuse.security:def:26654	P	xpdf-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25241	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25525	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:25438	P	Security update for binutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:25642	P	Security update for blktrace (Low)	2020-12-01
oval:org.opensuse.security:def:26242	P	Security update for ibus (Important)	2020-12-01
oval:org.opensuse.security:def:26397	P	Security update for plasma5-workspace (Important)	2020-12-01
oval:org.opensuse.security:def:25741	P	Security update for vino (Moderate)	2020-12-01
oval:org.opensuse.security:def:28653	P	Security update for dbus-1	2020-12-01
oval:org.opensuse.security:def:29682	P	Security update for ed	2020-12-01
oval:org.opensuse.security:def:28229	P	Security update for libtirpc, rpcbind (Important)	2020-12-01
oval:org.opensuse.security:def:28569	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:31872	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:32615	P	xdg-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31467	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:32021	P	Security update for kernel-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:31573	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:32358	P	Security update for squidGuard (Moderate)	2020-12-01
oval:org.opensuse.security:def:32689	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32602	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:26689	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25252	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:25582	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:26852	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25439	P	Security update for libpcap (Important)	2020-12-01
oval:org.opensuse.security:def:25723	P	Security update for apache2-mod_auth_openidc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26295	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26441	P	Security update for phpMyAdmin (Moderate)	2020-12-01
oval:org.opensuse.security:def:25665	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:25869	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:28805	P	Security update for orca (Moderate)	2020-12-01
oval:org.opensuse.security:def:28296	P	Security update for ncurses (Important)	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32654	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31524	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:32813	P	yast2-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32402	P	Security update for vim (Important)	2020-12-01
oval:org.opensuse.security:def:31582	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:31800	P	Security update for SuSEfirewall2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32845	P	cyrus-imapd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32316	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:25817	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:25316	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25864	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26887	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25450	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:25780	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26344	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:27079	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25666	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25950	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:29008	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:28217	P	Security update for libquicktime (Moderate)	2020-12-01
oval:org.opensuse.security:def:28427	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:31767	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31933	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:31809	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32852	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32297	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:31583	P	Recommended update for tboot (Moderate)	2020-12-01
oval:org.opensuse.security:def:31892	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:25870	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26016	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25240	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25444	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26015	P	Security update for libplist (Moderate)	2020-12-01
oval:org.opensuse.security:def:25514	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:26383	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:27114	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25677	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.opensuse.security:def:28908	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:29646	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:28218	P	Recommended update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:28512	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31823	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:31977	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31965	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:31441	P	Security update for pixman (Moderate)	2020-12-01
oval:org.opensuse.security:def:32036	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32336	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:31594	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31949	P	Security update for grub2 (Important)	2020-12-01
oval:org.mitre.oval:def:29199	P	RHSA-2008:0946 -- ed security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:21744	P	ELSA-2008:0946: ed security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:10678	V	Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.	2013-04-29
oval:com.redhat.rhsa:def:20080946	P	RHSA-2008:0946: ed security update (Moderate)	2008-10-21
oval:com.ubuntu.precise:def:20083916000	V	CVE-2008-3916 on Ubuntu 12.04 LTS (precise) - low.	2008-09-04

BACK