Intrusion Prevention

FreeBSD.bspatch.Utility.Remote.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution in the bspatch utility in FreeBSD.
The vulnerability is due to improper bounds checking when the vulnerable software reads from diff and extra stream values. An attacker can trick an unsuspecting user into downloading and applying a crafted patch file and execute arbitrary code with the privileges of the target user.

Affected Products

FreeBSD Project FreeBSD releng/10.1/ prior to r303304
FreeBSD Project FreeBSD releng/10.2/ prior to r303304
FreeBSD Project FreeBSD releng/10.3/ prior to r303304
FreeBSD Project FreeBSD releng/9.3/ prior to r303304
FreeBSD Project FreeBSD stable/10/ prior to r303301
FreeBSD Project FreeBSD stable/11 prior to r303301
FreeBSD Project FreeBSD stable/11/ prior to r303300

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://security.freebsd.org/advisories/FreeBSD-SA-16:25.bspatch.asc

CVE References

CVE-2014-9862