CVE-2017-16129 - OpenCVE

The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive CPU and/or memory consumption. An attacker might exploit such a weakness for a DoS attack. To exploit this the attacker must control the location (URL) that superagent makes a request to.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Superagent Project	Superagent

Configuration 1 [-]

cpe:2.3:a:superagent_project:superagent:*:*:*:*:*:node.js:*:*

References

Link	Resource
https://github.com/visionmedia/superagent/issues/1259	Issue Tracking Patch Third Party Advisory
https://nodesecurity.io/advisories/479	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hackerone

Published: 2018-04-26T00:00:00

Updated: 2018-06-07T01:57:01

Reserved: 2017-10-29T00:00:00

Link: CVE-2017-16129

JSON object: View

NVD Information

Status : Modified

Published: 2018-06-07T02:29:03.457

Modified: 2019-10-09T23:24:49.017

Link: CVE-2017-16129

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "superagent node module", "vendor": "HackerOne", "versions": [{"status": "affected", "version": "<3.7.0"}]}], "datePublic": "2018-04-26T00:00:00", "descriptions": [{"lang": "en", "value": "The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive CPU and/or memory consumption. An attacker might exploit such a weakness for a DoS attack. To exploit this the attacker must control the location (URL) that superagent makes a request to."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-409", "description": "Improper Handling of Highly Compressed Data (Data Amplification) (CWE-409)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-06-07T01:57:01", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://nodesecurity.io/advisories/479"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/visionmedia/superagent/issues/1259"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "DATE_PUBLIC": "2018-04-26T00:00:00", "ID": "CVE-2017-16129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "superagent node module", "version": {"version_data": [{"version_value": "<3.7.0"}]}}]}, "vendor_name": "HackerOne"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive CPU and/or memory consumption. An attacker might exploit such a weakness for a DoS attack. To exploit this the attacker must control the location (URL) that superagent makes a request to."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Handling of Highly Compressed Data (Data Amplification) (CWE-409)"}]}]}, "references": {"reference_data": [{"name": "https://nodesecurity.io/advisories/479", "refsource": "MISC", "url": "https://nodesecurity.io/advisories/479"}, {"name": "https://github.com/visionmedia/superagent/issues/1259", "refsource": "MISC", "url": "https://github.com/visionmedia/superagent/issues/1259"}]}}}}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2017-16129", "datePublished": "2018-04-26T00:00:00", "dateReserved": "2017-10-29T00:00:00", "dateUpdated": "2018-06-07T01:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:superagent_project:superagent:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "8A86D4C2-09BE-45F0-985E-8AB163C926E0", "versionEndExcluding": "3.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive CPU and/or memory consumption. An attacker might exploit such a weakness for a DoS attack. To exploit this the attacker must control the location (URL) that superagent makes a request to."}, {"lang": "es", "value": "El m\u00f3dulo HTTP del cliente superagent es vulnerable a ataques de bomba ZIP. En un ataque de bomba ZIP, el servidor HTTP responde con una respuesta comprimida que se agranda significativamente una vez descomprimida. Si un cliente no toma las suficientes precauciones al procesar tales respuestas, podr\u00eda resultar en un consumo excesivo de CPU y/o memoria. Un atacante podr\u00eda explotar una debilidad como esa para un ataque DoS. Para explotarla, el atacante debe controlar la ubicaci\u00f3n (URL) a la que superagent realiza una petici\u00f3n."}], "id": "CVE-2017-16129", "lastModified": "2019-10-09T23:24:49.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-07T02:29:03.457", "references": [{"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/visionmedia/superagent/issues/1259"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://nodesecurity.io/advisories/479"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-409"}], "source": "support@hackerone.com", "type": "Secondary"}]}