#VU79695 Format string error in mod_auth_openidc - CVE-2021-32785

Cybersecurity Help s.r.o.

Published: 2023-08-18

Vulnerability identifier: #VU79695

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-32785

CWE-ID: CWE-134

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
mod_auth_openidc
Web applications / Modules and components for CMS

Vendor: ZmartZone IAM

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a format string error as mod_auth_openidc wrongly performs argument interpolation before passing Redis requests to `hiredis. A remote attacker can supply a specially crafted input that contains format string specifiers and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

mod_auth_openidc: before 2.4.9

External links
https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-55r8-6w97-xxr4
https://github.com/zmartzone/mod_auth_openidc/commit/dc672688dc1f2db7df8ad4abebc367116017a449
https://github.com/zmartzone/mod_auth_openidc/releases/tag/v2.4.9
https://security.netapp.com/advisory/ntap-20210902-0001/
https://www.oracle.com/security-alerts/cpuapr2022.html
https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for apache2-mod_auth_openidc

Multiple vulnerabilities in mod_auth_openidc