CVE-2017-6891 - OpenCVE

Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Bookkeeper
Debian	Debian Linux
Gnu	Libtasn1

Configuration 1 [-]

cpe:2.3:a:gnu:libtasn1:4.10:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:apache:bookkeeper:4.12.1:*:*:*:*:*:*:*

References

Link	Resource
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=5520704d075802df25ce4ffccc010ba1641bd484
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html	Broken Link
http://www.debian.org/security/2017/dsa-3861	Third Party Advisory
http://www.securityfocus.com/bid/98641	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038619	Third Party Advisory VDB Entry
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://secuniaresearch.flexerasoftware.com/advisories/76125/	Permissions Required
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/	Patch Third Party Advisory
https://security.gentoo.org/glsa/201710-11	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: flexera

Published: 2017-05-22T19:00:00

Updated: 2021-06-29T14:07:27

Reserved: 2017-03-14T00:00:00

Link: CVE-2017-6891

JSON object: View

NVD Information

Status : Modified

Published: 2017-05-22T19:29:00.250

Modified: 2023-11-07T02:49:59.207

Link: CVE-2017-6891

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "GnuTLS libtasn1", "vendor": "Flexera Software LLC", "versions": [{"status": "affected", "version": "4.10. Other versions may also be affected."}]}], "datePublic": "2017-05-22T00:00:00", "descriptions": [{"lang": "en", "value": "Two errors in the \"asn1_find_node()\" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility."}], "problemTypes": [{"descriptions": [{"description": "Stack-based buffer overflow leading to system compromise", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-29T14:07:27", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "GLSA-201710-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201710-11"}, {"name": "DSA-3861", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3861"}, {"tags": ["x_refsource_MISC"], "url": "https://secuniaresearch.flexerasoftware.com/advisories/76125/"}, {"tags": ["x_refsource_MISC"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=5520704d075802df25ce4ffccc010ba1641bd484"}, {"name": "98641", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98641"}, {"name": "1038619", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038619"}, {"name": "openSUSE-SU-2019:1510", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html"}, {"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"}, {"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2017-6891", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GnuTLS libtasn1", "version": {"version_data": [{"version_value": "4.10. Other versions may also be affected."}]}}]}, "vendor_name": "Flexera Software LLC"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Two errors in the \"asn1_find_node()\" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Stack-based buffer overflow leading to system compromise"}]}]}, "references": {"reference_data": [{"name": "GLSA-201710-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-11"}, {"name": "DSA-3861", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3861"}, {"name": "https://secuniaresearch.flexerasoftware.com/advisories/76125/", "refsource": "MISC", "url": "https://secuniaresearch.flexerasoftware.com/advisories/76125/"}, {"name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/", "refsource": "MISC", "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/"}, {"name": "http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=5520704d075802df25ce4ffccc010ba1641bd484", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=5520704d075802df25ce4ffccc010ba1641bd484"}, {"name": "98641", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98641"}, {"name": "1038619", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038619"}, {"name": "openSUSE-SU-2019:1510", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html"}, {"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"}, {"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2017-6891", "datePublished": "2017-05-22T19:00:00", "dateReserved": "2017-03-14T00:00:00", "dateUpdated": "2021-06-29T14:07:27", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:libtasn1:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "17277D17-DF6A-4594-B9FA-8D91EFF3ADBC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:bookkeeper:4.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB293558-0DB0-4EEB-A91C-7B00A9FA634E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Two errors in the \"asn1_find_node()\" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility."}, {"lang": "es", "value": "Se pueden explotar dos errores en la funci\u00f3n \\\"asn1_find_node()\\\" (lib/parser_aux.c) en GnuTLS libtasn1 versi\u00f3n 4.10 para provocar un desbordamiento de b\u00fafer basado en pila enga\u00f1ando a un usuario para que procese un archivo de asignaciones especialmente manipulado mediante la utilidad de ejemplo asn1Coding."}], "id": "CVE-2017-6891", "lastModified": "2023-11-07T02:49:59.207", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-22T19:29:00.250", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=5520704d075802df25ce4ffccc010ba1641bd484"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2017/dsa-3861"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98641"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038619"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Permissions Required"], "url": "https://secuniaresearch.flexerasoftware.com/advisories/76125/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201710-11"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}