Main Vulnerability Database SB2015012401

SB2015012401 - Buffer overflow in ACME Labs mini_httpd

Published: January 24, 2015 Updated: June 1, 2015

Security Bulletin ID SB2015012401

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow when processing HTTP requests (CVE-ID: CVE-2015-1548)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to improper handling of long string passed via HTTP request. A remote attacker can send a specially crafted HTTP GET request with protocol name longer than 10000 bytes, cause out-of-bounds read and obtain potentially sensitive information from system memory.

Exploitation example:

perl -e 'print "GET / " . "X"x65536 . "/Y" . "\r\n\r\n"' | ncat localhost 80

Successful exploitation of this vulnerability may allow an attacker to obtain potentially sensitive data stored in RAM, such as passwords, private encryption keys etc.

Remediation

Install update from vendor's website.

References

https://www.itinsight.hu/blog/posts/2015-01-23-mini_httpd-v1-21-information-disclosure.html