Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12:00 AM
Dark Reading
Dark Reading
Products and Releases

Norse Discovers Buffer Overflow Vulnerability In FreeBSD

SAN MATEO, Calf., December 10, 2014 — Norse, the leader in live attack intelligence, today announced that its engineering team discovered a buffer overflow vulnerability in FreeBSD, which was shared with the FreeBSD security team and announced in their FreeBSD-SA-14:27.stdio security advisory.
In the course of new product development, Adrian Chadd, senior kernel engineer at Norse, and Alfred Perlstein, director, appliance and kernel at Norse, discovered a programming error creating a buffer overflow in the stdio (standard I/O) library's __sflush( ) function. Such overflows may lead to data corruption, or the execution of arbitrary code, at higher privilege levels. This error could erroneously adjust the buffered stream's internal state even when no “write” actually occurred in the case when “write (2)” system call returns an error. The accounting mismatch would accumulate if the caller does not check for stream status and would eventually lead to a heap buffer overflow.
With no workaround possible for the error, Perlstein and Chadd created a possible code fix and submitted it to the FreeBSD community for general release.
“Norse appreciates the diligence of our development team, and the assistance of the FreeBSD security team with this process of responsible disclosure,” said Tim O’Brien, director of security threat intelligence for Norse. “Norse is committed to responsible disclosure, and supporting open source software. This is a great example of developers working with and improving an open source project, with full support of their employer. This directly influences our common objective of a safer Internet for everyone.”
FreeBSD is an advanced computer operating system employed to power modern servers, desktops and embedded platforms with broad support from a large community of developers throughout the world.
About Norse
Norse is the leader in live, machine-readable attack intelligence. Norse delivers continuously-updated, demonstrably unique Internet and darknet intel that helps organizations block the attacks that other systems miss. The global Norse DarkMatter sensor network processes hundreds of terabytes of Internet traffic and malware daily and computes over 1500 distinct risk factors, live, for millions of IP addresses and URLs every day. Norse data is curated by a highly trained team of professional cyber- and human-intelligence analysts to deliver the superior information our high-stakes customers demand. For more information, visit www.norse-corp.com.
Media and analyst contact:
Corman Communications, LLC
Patrick Corman, +1-650-326-9648 or +1-650-465-5973 (mobile)
[email protected]

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...