[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: sthttpd remote heap buffer overflow
From: Thomas Deutschmann <whissi () gentoo ! org>
Date: 2017-06-29 9:43:13
Message-ID: 07546f89-f5f8-7ff0-a370-138cc43393ca () gentoo ! org
[Download RAW message or body]
[Attachment #2 (multipart/mixed)]
Hi,
I requested a CVE from MITRE and got CVE-2017-10671 for this
vulnerability:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> > [Vulnerability Type]
> > Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1
> > allows remote attackers to cause a denial of service (daemon crash) or possibly have \
> > unspecified other impact via a crafted filename.
> > ------------------------------------------
> >
> > [Vulnerability Type]
> > Buffer Overflow
> >
> > ------------------------------------------
> >
> > [Affected Product Code Base]
> > sthttpd - <2.27.1
> >
> > ------------------------------------------
> >
> > [Affected Component]
> > de_dotdot function
> >
> > ------------------------------------------
> >
> > [Attack Type]
> > Remote
> >
> > ------------------------------------------
> >
> > [CVE Impact Other]
> > I have no information about the impact. Would be nice if you could check on your own.
> >
> > ------------------------------------------
> >
> > [Attack Vectors]
> > A remote attacker could trigger the flaw in sthttpd's request parsing code via a specially \
> > crafted request.
> > ------------------------------------------
> >
> > [Reference]
> > http://www.openwall.com/lists/oss-security/2017/06/15/9
> > https://github.com/blueness/sthttpd/releases/tag/v2.27.1
> > https://github.com/blueness/sthttpd/commit/c0dc63a49d8605649f1d8e4a96c9b468b0bff660
> >
> > ------------------------------------------
> >
> > [Has vendor confirmed or acknowledged the vulnerability?]
> > true
> >
> > ------------------------------------------
> >
> > [Discoverer]
> > Alexandre Rebert from ForAllSecure
>
> Use CVE-2017-10671.
>
>
> - --
> CVE Assignment Team
> M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
> [ A PGP key is available for encrypted communications at
> http://cve.mitre.org/cve/request_id.html ]
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBCAAGBQJZVGIGAAoJEHb/MwWLVhi2PPAP/RRQ9jGYVCEvLryJtICH/vvj
> ZjS17vckkYVbSOMoTNQR9WihtsQCzkQZ+LL2Qnio45+NORCGn6nLMAi24SotXlrs
> HI16p2h3+fZ3H/JCgT46fUDUHetq30Fy6NhwSKxCwtYEKiNvw4yT0QIPK9bmzf/p
> nTKHDQCMqYp82tFBgReZPRivQcd/+Zbi6CWsS0oNzIsADjZZx1RdaHBJoOZIFcKv
> bBopi0KDIPNgn3VsZwANz0Ex/ju3TfJVb8A9jpNyKlYaKwsou/TAw1g2l90KZxzW
> Som1pG8s/I+MynJhHDNpJm59S6nFWAzZh++lySiEWIepiEsWhEzBpJBBkSAp3wum
> TPhQNJ9BJdiS54rNqKMTGx7WxEvEcklsGQG87bfmUdyNRHYl/lElRYPNelciTnyU
> 38B7E1FwcF793Z5JJfwge1ayo7ShaCaUGx082nU9XVuSFfpG0vrcelOhFAZ0cxyW
> 9+DbSW/01FWWL35pEN0LJ5m5GeOpNa+hjn9VS/qbOiHk9n/PszbL00lS+Q+LKqTj
> J3rOoTkM69d1stlcO8/ehwyr/xo6n6u8v8BmV6So1VWgefk/cI98aoOQvEIDpwQt
> iALKi/+UinhQhG0vCtkKHXsFYXIOv7zk03EfKT37Bh13DuBBJDgIt9nMesVxpsRE
> SmLuxFujGHPobnwbNGqJ
> =CKLn
> -----END PGP SIGNATURE-----
--
Regards,
Thomas Deutschmann / Gentoo Security Team
C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic