oss-sec mailing list archives
Re: CVE request: sthttpd remote heap buffer overflow
From: Thomas Deutschmann <whissi () gentoo org>
Date: Thu, 29 Jun 2017 11:43:13 +0200
Hi, I requested a CVE from MITRE and got CVE-2017-10671 for this vulnerability:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256[Vulnerability Type] Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted filename. ------------------------------------------ [Vulnerability Type] Buffer Overflow ------------------------------------------ [Affected Product Code Base] sthttpd - <2.27.1 ------------------------------------------ [Affected Component] de_dotdot function ------------------------------------------ [Attack Type] Remote ------------------------------------------ [CVE Impact Other] I have no information about the impact. Would be nice if you could check on your own. ------------------------------------------ [Attack Vectors] A remote attacker could trigger the flaw in sthttpd's request parsing code via a specially crafted request. ------------------------------------------ [Reference] http://www.openwall.com/lists/oss-security/2017/06/15/9 https://github.com/blueness/sthttpd/releases/tag/v2.27.1 https://github.com/blueness/sthttpd/commit/c0dc63a49d8605649f1d8e4a96c9b468b0bff660 ------------------------------------------ [Has vendor confirmed or acknowledged the vulnerability?] true ------------------------------------------ [Discoverer] Alexandre Rebert from ForAllSecureUse CVE-2017-10671. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJZVGIGAAoJEHb/MwWLVhi2PPAP/RRQ9jGYVCEvLryJtICH/vvj ZjS17vckkYVbSOMoTNQR9WihtsQCzkQZ+LL2Qnio45+NORCGn6nLMAi24SotXlrs HI16p2h3+fZ3H/JCgT46fUDUHetq30Fy6NhwSKxCwtYEKiNvw4yT0QIPK9bmzf/p nTKHDQCMqYp82tFBgReZPRivQcd/+Zbi6CWsS0oNzIsADjZZx1RdaHBJoOZIFcKv bBopi0KDIPNgn3VsZwANz0Ex/ju3TfJVb8A9jpNyKlYaKwsou/TAw1g2l90KZxzW Som1pG8s/I+MynJhHDNpJm59S6nFWAzZh++lySiEWIepiEsWhEzBpJBBkSAp3wum TPhQNJ9BJdiS54rNqKMTGx7WxEvEcklsGQG87bfmUdyNRHYl/lElRYPNelciTnyU 38B7E1FwcF793Z5JJfwge1ayo7ShaCaUGx082nU9XVuSFfpG0vrcelOhFAZ0cxyW 9+DbSW/01FWWL35pEN0LJ5m5GeOpNa+hjn9VS/qbOiHk9n/PszbL00lS+Q+LKqTj J3rOoTkM69d1stlcO8/ehwyr/xo6n6u8v8BmV6So1VWgefk/cI98aoOQvEIDpwQt iALKi/+UinhQhG0vCtkKHXsFYXIOv7zk03EfKT37Bh13DuBBJDgIt9nMesVxpsRE SmLuxFujGHPobnwbNGqJ =CKLn -----END PGP SIGNATURE-----
-- Regards, Thomas Deutschmann / Gentoo Security Team C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE request: sthttpd remote heap buffer overflow Alexandre Rebert (Jun 15)
- Re: CVE request: sthttpd remote heap buffer overflow Andrej Nemec (Jun 15)
- Re: CVE request: sthttpd remote heap buffer overflow Thomas Deutschmann (Jun 29)
- Re: CVE request: sthttpd remote heap buffer overflow Andrej Nemec (Jun 15)