cnvd - cnvd-2019-43362

cnvd-2019-43362

Vulnerability from cnvd

Title: Netskope Client缓冲区错溢出洞

Description:

Netskope Client是美国Netskope公司的一款用于连接管理Netskope云平台的客户端程序。

Netskope Client 57.2.0.219之前的57版本和60.2.0.214之前的60版本中的‘doHandshakefromServer’函数存在缓冲区错误漏洞。攻击者可利用该漏洞造成服务崩溃并可能对系统产生其他危害。

Severity: 高

Patch Name: Netskope Client缓冲区错溢出洞的补丁

Patch Description:

Netskope Client是美国Netskope公司的一款用于连接管理Netskope云平台的客户端程序。

Netskope Client 57.2.0.219之前的57版本和60.2.0.214之前的60版本中的‘doHandshakefromServer’函数存在缓冲区错误漏洞。攻击者可利用该漏洞造成服务崩溃并可能对系统产生其他危害。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.netskope.com

Reference: https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client

Impacted products

Name
['Netskope Netskope Client 57;<57.2.0.219', 'Netskope Netskope Client 60;<60.2.0.214']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10882",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-10882"
    }
  },
  "description": "Netskope Client\u662f\u7f8e\u56fdNetskope\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u8fde\u63a5\u7ba1\u7406Netskope\u4e91\u5e73\u53f0\u7684\u5ba2\u6237\u7aef\u7a0b\u5e8f\u3002\n\nNetskope Client 57.2.0.219\u4e4b\u524d\u768457\u7248\u672c\u548c60.2.0.214\u4e4b\u524d\u768460\u7248\u672c\u4e2d\u7684\u2018doHandshakefromServer\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u670d\u52a1\u5d29\u6e83\u5e76\u53ef\u80fd\u5bf9\u7cfb\u7edf\u4ea7\u751f\u5176\u4ed6\u5371\u5bb3\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.netskope.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-43362",
  "openTime": "2019-12-02",
  "patchDescription": "Netskope Client\u662f\u7f8e\u56fdNetskope\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u8fde\u63a5\u7ba1\u7406Netskope\u4e91\u5e73\u53f0\u7684\u5ba2\u6237\u7aef\u7a0b\u5e8f\u3002\r\n\r\nNetskope Client 57.2.0.219\u4e4b\u524d\u768457\u7248\u672c\u548c60.2.0.214\u4e4b\u524d\u768460\u7248\u672c\u4e2d\u7684\u2018doHandshakefromServer\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u670d\u52a1\u5d29\u6e83\u5e76\u53ef\u80fd\u5bf9\u7cfb\u7edf\u4ea7\u751f\u5176\u4ed6\u5371\u5bb3\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Netskope Client\u7f13\u51b2\u533a\u9519\u6ea2\u51fa\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Netskope Netskope Client 57;\u003c57.2.0.219",
      "Netskope Netskope Client 60;\u003c60.2.0.214"
    ]
  },
  "referenceLink": "https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client",
  "serverity": "\u9ad8",
  "submitTime": "2019-10-08",
  "title": "Netskope Client\u7f13\u51b2\u533a\u9519\u6ea2\u51fa\u6d1e"
}

CVE-2019-10882 (GCVE-0-2019-10882)

Vulnerability from cvelistv5

Published

2019-09-26 15:16

Modified

2024-09-16 23:00

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-120 - Buffer Overflow

Summary

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system.

References

▼	URL	Tags
	https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf	x_refsource_CONFIRM
	https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client	x_refsource_CONFIRM
	https://airbus-seclab.github.io/advisories/netskope.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Netskope	Netskope client	Version: 54 < Netskope client*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:32:02.124Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://airbus-seclab.github.io/advisories/netskope.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x86"
          ],
          "product": "Netskope client",
          "vendor": "Netskope",
          "versions": [
            {
              "status": "unaffected",
              "version": "Netskope client 57.2.0.219"
            },
            {
              "status": "unaffected",
              "version": "Netskope client 60.2.0.214"
            },
            {
              "changes": [
                {
                  "at": "62",
                  "status": "unaffected"
                }
              ],
              "lessThan": "Netskope client*",
              "status": "affected",
              "version": "54",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Julien Lenoit, Benoit Camredon, Mouad Abouhali from Airbus Security Lab."
        }
      ],
      "datePublic": "2019-05-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in \"doHandshakefromServer\" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-26T15:16:09",
        "orgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
        "shortName": "airbus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://airbus-seclab.github.io/advisories/netskope.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Remediations were applied in R62 onwards and retrospectively applied in golden releases R60.2.0.214 and R57.2.0.219.  Link to latest support golden releases - https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Netskope client buffer overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@airbus.com",
          "DATE_PUBLIC": "2019-05-17T00:00:00.000Z",
          "ID": "CVE-2019-10882",
          "STATE": "PUBLIC",
          "TITLE": "Netskope client buffer overflow vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Netskope client",
                      "version": {
                        "version_data": [
                          {
                            "platform": "x86",
                            "version_affected": "\u003e=",
                            "version_name": "Netskope client",
                            "version_value": "54"
                          },
                          {
                            "platform": "x86",
                            "version_affected": "\u003c",
                            "version_name": "Netskope client",
                            "version_value": "62"
                          },
                          {
                            "platform": "x86",
                            "version_affected": "!",
                            "version_name": "Netskope client",
                            "version_value": "57.2.0.219"
                          },
                          {
                            "platform": "x86",
                            "version_affected": "!",
                            "version_name": "Netskope client",
                            "version_value": "60.2.0.214"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Netskope"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Julien Lenoit, Benoit Camredon, Mouad Abouhali from Airbus Security Lab."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in \"doHandshakefromServer\" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf",
              "refsource": "CONFIRM",
              "url": "https://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf"
            },
            {
              "name": "https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client",
              "refsource": "CONFIRM",
              "url": "https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client"
            },
            {
              "name": "https://airbus-seclab.github.io/advisories/netskope.html",
              "refsource": "MISC",
              "url": "https://airbus-seclab.github.io/advisories/netskope.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Remediations were applied in R62 onwards and retrospectively applied in golden releases R60.2.0.214 and R57.2.0.219.  Link to latest support golden releases - https://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client."
          }
        ],
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
    "assignerShortName": "airbus",
    "cveId": "CVE-2019-10882",
    "datePublished": "2019-09-26T15:16:09.626407Z",
    "dateReserved": "2019-04-05T00:00:00",
    "dateUpdated": "2024-09-16T23:00:47.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted