cnvd - cnvd-2017-09924

cnvd-2017-09924

Vulnerability from cnvd

Title: wolfSSL拒绝服务漏洞（CNVD-2017-09924）

Description:

wolfSSL（前称CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。

wolfSSL 3.10.2及之前的版本中存在拒绝服务漏洞。远程攻击者可通过向服务器或客户端应用程序提供恶意的x509证书利用该漏洞造成拒绝服务，执行代码。

Severity: 高

Formal description:

目前没有详细的解决方案提供： https://www.wolfssl.com

Reference: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293 https://nvd.nist.gov/vuln/detail/CVE-2017-2800

Impacted products

Name
wolfSSL wolfSSL <=3.10.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2800"
    }
  },
  "description": "wolfSSL\uff08\u524d\u79f0CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nwolfSSL 3.10.2\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u670d\u52a1\u5668\u6216\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u6076\u610f\u7684x509\u8bc1\u4e66\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Aleksandar Nikolic of Cisco Talos",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttps://www.wolfssl.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-09924",
  "openTime": "2017-06-16",
  "products": {
    "product": "wolfSSL wolfSSL \u003c=3.10.2"
  },
  "referenceLink": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-2800",
  "serverity": "\u9ad8",
  "submitTime": "2017-05-26",
  "title": "wolfSSL\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-09924\uff09"
}

CVE-2017-2800 (GCVE-0-2017-2800)

Vulnerability from cvelistv5

Published

2017-05-24 14:00

Modified

2024-08-05 14:02

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

validation vulnerabilities

Summary

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library.

References

▼	URL	Tags
	https://www.exploit-db.com/exploits/41984/	exploit, x_refsource_EXPLOIT-DB
	https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	wolfSSL	wolfSSL	Version: 3.10.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41984",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41984/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "wolfSSL",
          "vendor": "wolfSSL",
          "versions": [
            {
              "status": "affected",
              "version": "3.10.2"
            }
          ]
        }
      ],
      "datePublic": "2017-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "validation vulnerabilities",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:22:25",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "41984",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41984/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2017-2800",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "wolfSSL",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.10.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "wolfSSL"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 8.1,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "validation vulnerabilities"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41984",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41984/"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2800",
    "datePublished": "2017-05-24T14:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T14:02:07.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted