Vulnerability-Lookup

CNVD-2017-09924

Vulnerability from cnvd - Published: 2017-06-16

Title

wolfSSL拒绝服务漏洞（CNVD-2017-09924）

Description

wolfSSL（前称CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 3.10.2及之前的版本中存在拒绝服务漏洞。远程攻击者可通过向服务器或客户端应用程序提供恶意的x509证书利用该漏洞造成拒绝服务，执行代码。

Severity

高

Formal description

目前没有详细的解决方案提供： https://www.wolfssl.com

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293 https://nvd.nist.gov/vuln/detail/CVE-2017-2800

Impacted products

Name
wolfSSL wolfSSL <=3.10.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2800"
    }
  },
  "description": "wolfSSL\uff08\u524d\u79f0CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nwolfSSL 3.10.2\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u670d\u52a1\u5668\u6216\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u6076\u610f\u7684x509\u8bc1\u4e66\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Aleksandar Nikolic of Cisco Talos",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttps://www.wolfssl.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-09924",
  "openTime": "2017-06-16",
  "products": {
    "product": "wolfSSL wolfSSL \u003c=3.10.2"
  },
  "referenceLink": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-2800",
  "serverity": "\u9ad8",
  "submitTime": "2017-05-26",
  "title": "wolfSSL\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-09924\uff09"
}

CVE-2017-2800 (GCVE-0-2017-2800)

Vulnerability from cvelistv5 – Published: 2017-05-24 14:00 – Updated: 2024-08-05 14:02

Summary

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library.

Severity ?

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

validation vulnerabilities

Assigner

talos

References

URL

Tags

	https://www.exploit-db.com/exploits/41984/	exploitx_refsource_EXPLOIT-DB
	https://talosintelligence.com/vulnerability_repor…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	wolfSSL	wolfSSL	Affected: 3.10.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41984",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41984/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "wolfSSL",
          "vendor": "wolfSSL",
          "versions": [
            {
              "status": "affected",
              "version": "3.10.2"
            }
          ]
        }
      ],
      "datePublic": "2017-05-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "validation vulnerabilities",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:22:25.000Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "41984",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41984/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2017-2800",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "wolfSSL",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.10.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "wolfSSL"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 8.1,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "validation vulnerabilities"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41984",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41984/"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2017-2800",
    "datePublished": "2017-05-24T14:00:00.000Z",
    "dateReserved": "2016-12-01T00:00:00.000Z",
    "dateUpdated": "2024-08-05T14:02:07.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-09924

CVE-2017-2800 (GCVE-0-2017-2800)

Tags

Sightings

Nomenclature