Problem Description:
The implementation of bspatch is susceptible to integer
overflows with carefully crafted input, potentially allowing
an attacker who can control the patch file to write at
arbitrary locations in the heap. This issue was partially
addressed in FreeBSD-SA-16:25.bspatch, but some possible
integer overflows remained.
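The following is an added example, not code from FreeBSD or from bsdiff, that models the control-block sanity check at the centre of this advisory. A bsdiff patch carries, for every block, three 8-byte sign-magnitude integers (diff length, extra length, seek into the old file); bspatch trusts those values when deciding how many bytes to write into the heap buffer that holds the new file. The "naive" check below reproduces the shape of the original test (only `newpos + ctrl[0] > newsize`), computed with wrapping arithmetic so the demonstration is well defined; the hardened check is this editor's own, range-bounding every field before any arithmetic, and is not a copy of the FreeBSD patch. The decoder matches bsdiff's `offtin()` format; the `INT_MAX` cap reflects that bspatch hands the lengths to `BZ2_bzRead()`, whose length parameter is an `int`. The buffer positions and the three sample blocks are constructed for the demonstration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Same decoding as bsdiff's offtin(): 63-bit magnitude, sign in the top bit. */
static int64_t offtin(const uint8_t *buf)
{
    int64_t y = buf[7] & 0x7F;
    for (int i = 6; i >= 0; i--)
        y = y * 256 + buf[i];
    return (buf[7] & 0x80) ? -y : y;
}

/* Inverse of offtin(); used only to build the constructed blocks below. */
static void offtout(int64_t x, uint8_t *buf)
{
    uint64_t y = x < 0 ? (uint64_t)0 - (uint64_t)x : (uint64_t)x;
    for (int i = 0; i < 8; i++) {
        buf[i] = (uint8_t)(y & 0xFF);
        y >>= 8;
    }
    if (x < 0)
        buf[7] |= 0x80;
}

/*
 * Pre-advisory style check: "newpos + ctrl[0] > newsize", then after
 * advancing, "newpos + ctrl[1] > newsize".  The sums are computed in
 * unsigned arithmetic so this model is not undefined behaviour; it gives
 * the two's-complement wrap the original signed add produces in practice.
 * A negative length, or one close to INT64_MAX, makes the sum small or
 * negative, the test passes, and the copy loop that follows writes past
 * the end of the heap buffer.
 */
static bool naive_accepts(int64_t newpos, int64_t newsize, const int64_t ctrl[3])
{
    int64_t end = (int64_t)((uint64_t)newpos + (uint64_t)ctrl[0]);
    if (end > newsize)
        return false;
    newpos = end;                              /* bspatch advances by ctrl[0] */
    end = (int64_t)((uint64_t)newpos + (uint64_t)ctrl[1]);
    return end <= newsize;
}

/*
 * Hardened check (this example's own, modelled on the advisory's fix class):
 * bound every field before it touches arithmetic.  Lengths are capped at
 * INT_MAX because they are passed to BZ2_bzRead(), which takes an int and
 * would otherwise truncate.  With 0 <= newpos <= newsize as an invariant the
 * remaining subtractions cannot overflow.  The seek may legitimately be
 * negative, so only its magnitude is bounded.
 */
static bool hardened_accepts(int64_t newpos, int64_t newsize, const int64_t ctrl[3])
{
    if (newpos < 0 || newpos > newsize)
        return false;
    if (ctrl[0] < 0 || ctrl[0] > INT_MAX ||
        ctrl[1] < 0 || ctrl[1] > INT_MAX ||
        ctrl[2] < INT_MIN || ctrl[2] > INT_MAX)
        return false;
    if (ctrl[0] > newsize - newpos)             /* diff block must fit */
        return false;
    if (ctrl[1] > newsize - newpos - ctrl[0])   /* extra block must fit */
        return false;
    return true;
}

/* Encode three values as a 24-byte control block, decode it as bspatch
 * would, and run the chosen check, so the samples go through the real
 * wire encoding. */
static bool run_check(bool (*check)(int64_t, int64_t, const int64_t[3]),
                      int64_t newpos, int64_t newsize,
                      int64_t diff, int64_t extra, int64_t seek)
{
    uint8_t blk[24];
    int64_t ctrl[3];
    offtout(diff, blk);
    offtout(extra, blk + 8);
    offtout(seek, blk + 16);
    for (int i = 0; i < 3; i++)
        ctrl[i] = offtin(blk + 8 * i);
    return check(newpos, newsize, ctrl);
}

static bool naive_accepts_block(int64_t newpos, int64_t newsize,
                                int64_t diff, int64_t extra, int64_t seek)
{
    return run_check(naive_accepts, newpos, newsize, diff, extra, seek);
}

static bool hardened_accepts_block(int64_t newpos, int64_t newsize,
                                   int64_t diff, int64_t extra, int64_t seek)
{
    return run_check(hardened_accepts, newpos, newsize, diff, extra, seek);
}

int main(void)
{
    /* Constructed state: 100 bytes of a 1000-byte new file already written. */
    const int64_t newpos = 100, newsize = 1000;
    struct { const char *name; int64_t diff, extra, seek; } cases[] = {
        { "benign block",                  50,             20, 8 },
        { "negative length (SA-16:25)",   -64,              0, 0 },
        { "length wraps newpos+ctrl[0]",  INT64_MAX - 50,   0, 0 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-30s naive=%s hardened=%s\n", cases[i].name,
               naive_accepts_block(newpos, newsize, cases[i].diff,
                                   cases[i].extra, cases[i].seek) ? "accept" : "reject",
               hardened_accepts_block(newpos, newsize, cases[i].diff,
                                      cases[i].extra, cases[i].seek) ? "accept" : "reject");
    return 0;
}
```

Run as-is, the benign block is accepted by both checks, while the negative length and the near-INT64_MAX length are accepted by the naive test and rejected by the hardened one. The design point is that the order matters: each field is validated against a fixed range before it participates in any addition, so no check ever depends on the result of an operation that could have wrapped.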
Impact:
An attacker who can control the patch file can cause a
crash or run arbitrary code under the credentials of the
user who runs bspatch, which in many cases is root.