Out-of-bounds write in wolfSSL - CVE-2017-2800
Published: May 11, 2017
Vulnerability identifier: #VU6519
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2017-2800
CWE-ID: CWE-787
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: wolfSSL
Affected software:
wolfSSL
wolfSSL
Detailed vulnerability description
The vulnerability allows a remote unauthenticated attacker execute arbitrary code or cause DoS condition.
The weakness exists due to improper parsing of X.509 certificates by wolfSSL library. A remote attacker can send specially crafted X.509 certificates, cause an out-of-bounds write by one condition in the wolfSSL_X509_NAME_get_text_by_NID function and execute arbitrary code or cause the application to crash.
Successful exploitation of the vulnerability may result in arbitrary code execution or denial of service.
The weakness exists due to improper parsing of X.509 certificates by wolfSSL library. A remote attacker can send specially crafted X.509 certificates, cause an out-of-bounds write by one condition in the wolfSSL_X509_NAME_get_text_by_NID function and execute arbitrary code or cause the application to crash.
Successful exploitation of the vulnerability may result in arbitrary code execution or denial of service.
How to mitigate CVE-2017-2800
Update to version 3.11.