Information on CVE-2017-13089
GNU Wget: stack overflow in HTTP protocol handling
CWE ID: CWE-121
Base Score (CVSS): N/A
CVE: CVE-2017-13089
Description: The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk’s length, but doesn’t check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The read lands in a fixed-size stack buffer, so any surviving low-32-bit value larger than the 512-byte piece size overflows the stack (CWE-121).
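The following is an added example written for this page, not wget's own code. It models the parsing shape the description gives (strtol() on the chunk-size line, MIN() against a 512-byte piece, a long narrowed to an int length parameter) next to a hardened parse that rejects a negative chunk length, which is the check the description says was missing. SKIP_SIZE, MIN, fd_read_len_for(), body_of() and the sample response are assumptions for the example; the truncation arithmetic assumes an LP64 platform (64-bit long, 32-bit int).

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Modelled on the shape the description gives for wget's
 * http.c:skip_short_body(): the body is drained in SKIP_SIZE-byte pieces into
 * a SKIP_SIZE-byte stack buffer. Names and sizes here are assumptions for the
 * example, not wget's definitions. */
#define SKIP_SIZE 512
#define MIN(a, b) ((a) < (b) ? (a) : (b))

/* Vulnerable chunk-size parse: strtol() accepts a leading '-' (and a 0x
 * prefix in base 16) and the sign of the result is never checked. */
static long parse_chunk_size_vulnerable(const char *line)
{
    char *end;
    return strtol(line, &end, 16);
}

/* Hardened parse: reject a negative length (the check the description says
 * was missing), a value strtol() could not represent (ERANGE) and a line with
 * no hex digits at all. Returns 0 on success, -1 on a malformed chunk header,
 * leaving *out untouched on failure. */
static int parse_chunk_size_fixed(const char *line, long *out)
{
    char *end;
    long n;

    errno = 0;
    n = strtol(line, &end, 16);
    if (end == line || errno == ERANGE || n < 0)
        return -1;
    *out = n;
    return 0;
}

/* The length one skip step hands to a read function whose length parameter
 * is an int. MIN() keeps a negative long as-is, and the int conversion keeps
 * only the low 32 bits (assumes an LP64 platform, where long is 64 bits and
 * int is 32). Anything above SKIP_SIZE would overrun the stack buffer. */
static int fd_read_len_for(long remaining_chunk_size)
{
    long piece = MIN(remaining_chunk_size, (long)SKIP_SIZE);
    return (int)piece;  /* narrowing: bits 32..63 are discarded */
}

/* Constructed sample (not a real capture): a chunked redirect response whose
 * first chunk header carries a negative length. -0x1FFFFF000 is
 * 0xFFFFFFFE00001000 as a 64-bit two's-complement value, so its low 32 bits
 * are 0x1000 = 4096, eight times the 512-byte buffer. */
static const char SAMPLE_RESPONSE[] =
    "HTTP/1.1 302 Found\r\n"
    "Location: http://example.invalid/next\r\n"
    "Transfer-Encoding: chunked\r\n"
    "\r\n"
    "-1FFFFF000\r\n"
    "AAAAAAAAAAAAAAAA\r\n";

/* Returns a pointer to the first byte of the body (the first chunk header),
 * or NULL if the header block is not terminated. */
static const char *body_of(const char *response)
{
    const char *sep = strstr(response, "\r\n\r\n");
    return sep ? sep + 4 : NULL;
}

int main(void)
{
    const char *chunk_line = body_of(SAMPLE_RESPONSE);
    long bad, good = 0;

    bad = parse_chunk_size_vulnerable(chunk_line);
    printf("vulnerable parse: chunk size %ld -> fd_read() length %d "
           "(buffer is %d bytes)\n", bad, fd_read_len_for(bad), SKIP_SIZE);

    if (parse_chunk_size_fixed(chunk_line, &good) < 0)
        printf("hardened parse: chunk header rejected\n");
    else
        printf("hardened parse: chunk size %ld\n", good);

    return 0;
}
```

The example never performs the overflowing read; fd_read_len_for() only reports the length the narrowed int parameter would carry, which is enough to see why a sign check on the strtol() result (rather than relying on MIN()) is the right fix: MIN() only bounds the value from above, and the int conversion happens after it.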
Attack vector
CVSS score
CVSS is a scoring system that measures the severity of a vulnerability by considering factors such as the potential impact, the likelihood of attack and the ease of exploitation.
Summary: no CVSS vector or score is recorded for this entry on this page (Base Score: N/A).
External references
- https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus-2017-037.html
- https://security.gentoo.org/glsa/201711-06
- http://www.debian.org/security/2017/dsa-4008
- https://www.synology.com/support/security/Synology_SA_17_62_Wget
- http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f
- http://www.securityfocus.com/bid/101592
- https://github.com/r1b/CVE-2017-13089
- http://www.securitytracker.com/id/1039661
- https://access.redhat.com/errata/RHSA-2017:3075
Affected products
- GNU Project – Wget
Relationships with other products
Vendor: GNU Project
Product: Wget
Year: 2017
CWE: CWE-121
CVSS: 0.0