#VU46729 Out-of-bounds write in libproxy - CVE-2020-25219

Cybersecurity Help s.r.o.

Published: 2020-09-09 | Updated: 2020-09-15

Vulnerability identifier: #VU46729

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-25219

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libproxy
Other software / Other software solutions

Vendor: libproxy

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libproxy: 0.4.0 - 0.4.15

External links
https://github.com/libproxy/libproxy/issues/134
https://lists.debian.org/debian-lts-announce/2020/09/msg00012.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in QRadar Incident Forensics

Multiple vulnerabilities in IBM QRadar SIEM

openEuler update for libproxy

Arch Linux update for libproxy-mozjs

Arch Linux update for libproxy

Arch Linux update for libproxy-webkit

Debian update for libproxy

OpenSUSE Linux update for libproxy

Fedora 31 update for libproxy