Buffer overflow when processing HTTP requests in mini_httpd (Alpine package)



Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2015-1548
CWE-ID: CWE-119, CWE-87
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerable software: mini_httpd (Alpine package)
Category: Operating systems & Components / Operating system package or component
Vendor: Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Buffer overflow when processing HTTP requests

EUVDB-ID: #VU58

Risk: Low

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2015-1548

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to improper handling of a long string passed in an HTTP request. A remote attacker can send a specially crafted HTTP GET request with a protocol name longer than 10000 bytes, trigger an out-of-bounds read and obtain potentially sensitive information from system memory.

Exploitation example:

perl -e 'print "GET / " . "X"x65536 . "/Y" . "\r\n\r\n"' | ncat localhost 80

Successful exploitation of this vulnerability may allow an attacker to obtain potentially sensitive data stored in RAM, such as passwords, private encryption keys, etc.
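The following added example (not mini_httpd's source and not part of the original bulletin) illustrates one common way an oversized request field becomes an out-of-bounds read: snprintf()'s return value is trusted as the number of bytes in the buffer. The status-line format, the function names and the 10000-byte buffer size are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RESP_BUF 10000 /* assumed response buffer size (the 10000-byte figure above) */

/* Flawed pattern: snprintf()'s return value is used as "bytes to send".
 * On truncation it is the length that WOULD have been written, so a
 * caller sending that many bytes from buf reads past its end. */
static long len_unchecked(char *buf, size_t cap, const char *proto)
{
    return snprintf(buf, cap, "%s %d %s\r\n", proto, 200, "OK");
}

/* Hardened form: truncation is an error; never report more than buf holds. */
static long len_checked(char *buf, size_t cap, const char *proto)
{
    int n = snprintf(buf, cap, "%s %d %s\r\n", proto, 200, "OK");
    if (n < 0 || (size_t)n >= cap)
        return -1; /* caller should answer 400 using a fixed protocol string */
    return n;
}

/* Formats a status line for a constructed protocol token of proto_len 'X'
 * bytes and returns the length the chosen variant reports to its caller. */
long reported_len(size_t proto_len, int checked)
{
    char buf[RESP_BUF];
    char *proto = malloc(proto_len + 1);
    long n;
    if (!proto)
        return -2;
    memset(proto, 'X', proto_len);
    proto[proto_len] = '\0';
    n = checked ? len_checked(buf, sizeof buf, proto)
                : len_unchecked(buf, sizeof buf, proto);
    free(proto);
    return n;
}

int main(void)
{
    printf("unchecked, 65536-byte token: %ld (buffer is %d)\n", reported_len(65536, 0), RESP_BUF);
    printf("checked,   65536-byte token: %ld\n", reported_len(65536, 1));
    printf("checked,   8-byte token:     %ld\n", reported_len(8, 1));
    return 0;
}
```

The unchecked variant reports a length larger than the buffer for the oversized token, which is the condition a code review or fuzzing harness should look for around any length derived from a formatting call.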

Mitigation

Install update from vendor's website.

Vulnerable software versions

mini_httpd (Alpine package): 1.21-r0 - 1.21-r3

External links

https://git.alpinelinux.org/aports/commit/?id=46cc566b714b3b7bd23a8776ec7d62b5119d84b9
https://git.alpinelinux.org/aports/commit/?id=aebd71a3ff4785df943cde74514da329feb099a9
https://git.alpinelinux.org/aports/commit/?id=d3608fd1861a2ef47b467b4d174db3672de7d422
https://git.alpinelinux.org/aports/commit/?id=68c019d5d997f18914a2b919d4511234d240d0f3
https://git.alpinelinux.org/aports/commit/?id=cb82a51fa4b1179b5ef61e71a41b377fbd3bef83


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.


