Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2017-10684 |
CWE-ID | CWE-121 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
ncurses (Alpine package) Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU12110
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-10684
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the fmt_entry function of ncurses due to stack-based buffer overflow when handling malicious input. A remote unauthenticated attacker can send a request that submits malicious input, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsncurses (Alpine package): 6.0-r6 - 6.0-r7
External linkshttp://git.alpinelinux.org/aports/commit/?id=6a5b68ce4707357d4e18eda94ec021eabff28abd
http://git.alpinelinux.org/aports/commit/?id=762b9fd601983d8a6e6a60692158f3f22b1b60fe
http://git.alpinelinux.org/aports/commit/?id=95c59a0b632f9907b2395a84fbe1aac07e925147
http://git.alpinelinux.org/aports/commit/?id=f303e294fb206385ed1e11fd5188e7d2e6629b62
http://git.alpinelinux.org/aports/commit/?id=213b1c9e6d82e0a04339d69c8f868ff13c48775a
http://git.alpinelinux.org/aports/commit/?id=d5ed3d124d4bdd572b63974e635e5d7a2fd8a1c8
http://git.alpinelinux.org/aports/commit/?id=ac658c440bf2097da963820d14d5e89d75887cd7
http://git.alpinelinux.org/aports/commit/?id=bac940573393e980a46ef49d809df53058bba8b4
http://git.alpinelinux.org/aports/commit/?id=e3586a1e221047f8b61cfa63eec6f2fc681a1bbb
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.