#VU16502 Information disclosure in NetBSD

Cybersecurity Help s.r.o.

Published: 2018-12-12

Vulnerability identifier: #VU16502

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: N/A

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
NetBSD
Operating systems & Components / Operating system

Vendor: NetBSD Foundation, Inc

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the handling of bozohttpd special files due to improper checking the return value of bozo_check_special_files(). A remote attacker can access contents of certain special files including configuration files for bozohttpd(8) and include the standard .htpasswd file for HTTP Basic Authorisation (RFC-7617), which contains both a list of user names and their encrypted passwords.

Mitigation
Install update from vendor's website.

Vulnerable software versions

NetBSD: 7.1 - 8.0

External links
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2018-009.txt.asc

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in NetBSD