ID CVE-2015-8948
Summary idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
References
Vulnerable Configurations
  • openSUSE Leap 42.1
    cpe:2.3:o:opensuse:leap:42.1
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • GNU Libidn 1.32
    cpe:2.3:a:gnu:libidn:1.32
CVSS
Base: 5.0 (as of 08-09-2016 - 10:06)
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-610FE5F5F8.NASL
    description Security fix for CVE-2016-6263, CVE-2015-8948, CVE-2016-6262, CVE-2016-6261 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92800
    published 2016-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92800
    title Fedora 23 : libidn (2016-610fe5f5f8)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2079-1.NASL
    description This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189) - CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190) - CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191) - CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93292
    published 2016-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93292
    title SUSE SLED12 / SLES12 Security Update : libidn (SUSE-SU-2016:2079-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-582.NASL
    description Multiple vulnerabilities have been discovered in libidn. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-8948 When idn is reading one zero byte as input an out-of-bounds-read occurred. CVE-2016-6261 An out-of-bounds stack read is exploitable in idna_to_ascii_4i. CVE-2016-6263 stringprep_utf8_nfkc_normalize reject invalid UTF-8, causes a crash. For Debian 7 'Wheezy', these problems have been fixed in version 1.25-2+deb7u2. We recommend that you upgrade your libidn packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 92683
    published 2016-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92683
    title Debian DLA-582-1 : libidn security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-925.NASL
    description This libidn update to version 1.33 fixes the following issues : Security issues fixed : - CVE-2015-8948, CVE-2016-6262: Fixed an out-of-bounds-read when reading one zero byte as input (bsc#990189). - CVE-2016-6263: Fixed stringprep_utf8_nfkc_normalize to reject invalid UTF-8 (bsc#boo#990191). Included bugfixes : - Fixed crash in idna_to_unicode_8z8z and idna_to_unicode_8zlz (introduced in 1.31). - API and ABI is backwards compatible with the previous version. - Update gpg keyring
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 92743
    published 2016-08-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92743
    title openSUSE Security Update : libidn (openSUSE-2016-925)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2291-1.NASL
    description This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189) - CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190) - CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191) - CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93459
    published 2016-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93459
    title SUSE SLES11 Security Update : libidn (SUSE-SU-2016:2291-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3658.NASL
    description Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU library for Internationalized Domain Names (IDNs), allowing a remote attacker to cause a denial of service against an application using the libidn library (application crash).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 93254
    published 2016-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93254
    title Debian DSA-3658-1 : libidn - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-42514BEE97.NASL
    description Security fix for CVE-2016-6263, CVE-2015-8948, CVE-2016-6262, CVE-2016-6261 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92529
    published 2016-07-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92529
    title Fedora 24 : libidn (2016-42514bee97)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_CB5189EB572F11E6B334002590263BF5.NASL
    description Simon Josefsson reports : libidn: Fix out-of-bounds stack read in idna_to_ascii_4i. idn: Solve out-of-bounds-read when reading one zero byte as input. Also replaced fgets with getline. libidn: stringprep_utf8_nfkc_normalize reject invalid UTF-8. It was always documented to only accept UTF-8 data, but now it doesn't crash when presented with such data.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 92652
    published 2016-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92652
    title FreeBSD : libidn -- multiple vulnerabilities (cb5189eb-572f-11e6-b334-002590263bf5)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3068-1.NASL
    description Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-2059) Hanno Bock discovered that Libidn incorrectly handled certain input. A remote attacker could possibly use this issue to cause Libidn to crash, resulting in a denial of service. (CVE-2015-8948, CVE-2016-6262, CVE-2016-6261, CVE-2016-6263). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 93107
    published 2016-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93107
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : libidn vulnerabilities (USN-3068-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-F99C0A8B69.NASL
    description Update to 1.33 (#1374902,#1359147,#1359148) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-11-15
    plugin id 94888
    published 2016-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94888
    title Fedora 25 : mingw-libidn (2016-f99c0a8b69)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2016-210-01.NASL
    description New libidn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen 2019-02-21
    modified 2016-10-19
    plugin id 92607
    published 2016-07-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92607
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : libidn (SSA:2016-210-01)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1014.NASL
    description This update for libidn fixes the following issues : - CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189) - CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190) - CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191) - CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241) This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 93092
    published 2016-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93092
    title openSUSE Security Update : libidn (openSUSE-2016-1014)
refmap via4
bid 92070
confirm http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041
debian DSA-3658
mlist
  • [help-libidn] 20160720 Libidn 1.33 released
  • [oss-security] 20160720 CVE request: multiple issues fixed in GNU libidn 1.33
  • [oss-security] 20160721 Re: CVE request: multiple issues fixed in GNU libidn 1.33
suse
  • openSUSE-SU-2016:1924
  • openSUSE-SU-2016:2135
ubuntu USN-3068-1
Last major update 28-11-2016 - 14:50
Published 07-09-2016 - 16:59
Last modified 30-10-2018 - 12:27
Back to Top