Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:LIBXML2-ENTRY-NAME

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 libxml2 XML File Processing Long Entity Name Buffer Overflow

Release Date

 2010/10/13

Update Number

 1791

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: libxml2 XML File Processing Long Entity Name Buffer Overflow


This signature detects attempts to exploit a known vulnerability in libxml2 XML library. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.

Extended Description

The 'libxml' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability.

Affected Products

  • Apple iPhone 1
  • Apple iPhone 1.0.1
  • Apple iPhone 1.0.2
  • Apple iPhone 1.1
  • Apple iPhone 1.1.1
  • Apple iPhone 1.1.2
  • Apple iPhone 1.1.3
  • Apple iPhone 1.1.4
  • Apple iPhone 2.0
  • Apple iPhone 2.0.1
  • Apple iPhone 2.0.2
  • Apple iPhone 2.1
  • Apple iPhone 2.2
  • Apple iPhone 2.2.1
  • Apple iPod Touch 1.1
  • Apple iPod Touch 1.1.1
  • Apple iPod Touch 1.1.2
  • Apple iPod Touch 1.1.3
  • Apple iPod Touch 1.1.4
  • Apple iPod Touch 2.0
  • Apple iPod Touch 2.0.1
  • Apple iPod Touch 2.0.2
  • Apple iPod Touch 2.1
  • Apple iPod Touch 2.2
  • Apple iPod Touch 2.2.1
  • Apple Safari 1.0.0
  • Apple Safari 1.1.0
  • Apple Safari 1.2.0
  • Apple Safari 1.2.1
  • Apple Safari 1.2.2
  • Apple Safari 1.2.3
  • Apple Safari 1.3.0
  • Apple Safari 1.3.1
  • Apple Safari 1.3.2
  • Apple Safari 2.0.1
  • Apple Safari 2.0.2
  • Apple Safari 2.0.3
  • Apple Safari 2.0.4
  • Apple Safari 3
  • Apple Safari 3.0.1 Beta
  • Apple Safari 3.0.1 Beta For Windows
  • Apple Safari 3.0.2 Beta
  • Apple Safari 3.0.2 Beta For Windows
  • Apple Safari 3.0.3 Beta
  • Apple Safari 3.0.3 Beta For Windows
  • Apple Safari 3.0.4 Beta For Windows
  • Apple Safari 3.1
  • Apple Safari 3.1.1
  • Apple Safari 3.1.1 For Windows
  • Apple Safari 3.1.2
  • Apple Safari 3.1.2 For Windows
  • Apple Safari 3.1 For Windows
  • Apple Safari 3.2
  • Apple Safari 3.2.2 For Windows
  • Apple Safari 3 Beta
  • Apple Safari 3 Beta For Windows
  • Apple Safari 4 Beta
  • Apple Safari Beta 2
  • Apple Safari For Windows 3.2.1
  • Avaya Aura Application Enablement Services 3.1.6
  • Avaya Aura Application Enablement Services 4.2.1
  • Avaya Aura SIP Enablement Services 5.0
  • Avaya CMS Server 13.0.0
  • Avaya CMS Server 13.1
  • Avaya CMS Server 14.0
  • Avaya CMS Server 14.1
  • Avaya CMS Server 15.0
  • Avaya Communication Manager 3.1
  • Avaya Communication Manager 3.1.4 SP2
  • Avaya Communication Manager 4.0
  • Avaya Communication Manager 4.0.3 SP1
  • Avaya Communication Manager 5.0
  • Avaya Communication Manager 5.0 SP3
  • Avaya Communication Manager 5.1
  • Avaya EMMC 1.017
  • Avaya EMMC 1.021
  • Avaya EMMC
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Meeting Exchange 5.0
  • Avaya Meeting Exchange 5.0.0.0.52
  • Avaya Meeting Exchange - Enterprise Edition
  • Avaya Message Networking 3.1
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Avaya Proactive Contact 3.0
  • Avaya Proactive Contact 4.0
  • Avaya Proactive Contact
  • Avaya Voice Portal 3.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Gentoo Linux
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Nortel Networks Self-Service - CCSS7
  • Nortel Networks Self-Service MPS 1000
  • Nortel Networks Self-Service Peri Application
  • Nortel Networks Self-Service Peri Workstation
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • rPath Appliance Platform Linux Service 1
  • rPath Appliance Platform Linux Service 2
  • rPath rPath Linux 1
  • rPath rPath Linux 2
  • Sun Java System Access Manager Policy Agent 2.2
  • Sun Management Center 3.6
  • Sun Management Center 3.6.1
  • Sun Management Center 4.0
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris Build Snv 02
  • Sun OpenSolaris Build Snv 100
  • Sun OpenSolaris Build Snv 13
  • Sun OpenSolaris Build Snv 19
  • Sun OpenSolaris Build Snv 22
  • Sun OpenSolaris Build Snv 29
  • Sun OpenSolaris Build Snv 36
  • Sun OpenSolaris Build Snv 39
  • Sun OpenSolaris Build Snv 50
  • Sun OpenSolaris Build Snv 57
  • Sun OpenSolaris Build Snv 59
  • Sun OpenSolaris Build Snv 61
  • Sun OpenSolaris Build Snv 64
  • Sun OpenSolaris Build Snv 67
  • Sun OpenSolaris Build Snv 68
  • Sun OpenSolaris Build Snv 76
  • Sun OpenSolaris Build Snv 77
  • Sun OpenSolaris Build Snv 78
  • Sun OpenSolaris Build Snv 80
  • Sun OpenSolaris Build Snv 82
  • Sun OpenSolaris Build Snv 83
  • Sun OpenSolaris Build Snv 84
  • Sun OpenSolaris Build Snv 85
  • Sun OpenSolaris Build Snv 87
  • Sun OpenSolaris Build Snv 88
  • Sun OpenSolaris Build Snv 89
  • Sun OpenSolaris Build Snv 90
  • Sun OpenSolaris Build Snv 91
  • Sun OpenSolaris Build Snv 92
  • Sun OpenSolaris Build Snv 95
  • Sun OpenSolaris Build Snv 96
  • Sun OpenSolaris Build Snv 99
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • XMLSoft Libxml2 2.5.1
  • XMLSoft Libxml2 2.5.10
  • XMLSoft Libxml2 2.5.11
  • XMLSoft Libxml2 2.5.4
  • XMLSoft Libxml2 2.5.8
  • XMLSoft Libxml2 2.6.0 .0
  • XMLSoft Libxml2 2.6.1
  • XMLSoft Libxml2 2.6.11
  • XMLSoft Libxml2 2.6.12
  • XMLSoft Libxml2 2.6.13
  • XMLSoft Libxml2 2.6.14
  • XMLSoft Libxml2 2.6.15
  • XMLSoft Libxml2 2.6.16
  • XMLSoft Libxml2 2.6.2
  • XMLSoft Libxml2 2.6.26
  • XMLSoft Libxml2 2.6.3
  • XMLSoft Libxml2 2.6.30
  • XMLSoft Libxml2 2.6.31
  • XMLSoft Libxml2 2.6.4
  • XMLSoft Libxml2 2.6.5
  • XMLSoft Libxml2 2.6.6
  • XMLSoft Libxml2 2.6.7
  • XMLSoft Libxml2 2.6.8
  • XMLSoft Libxml2 2.6.9

References

  • BugTraq: 31126
  • CVE: CVE-2008-3529

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out