CVE-2017-7555 - OpenCVE

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Augeas	Augeas

Configuration 1 [-]

cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.debian.org/security/2017/dsa-3949
http://www.securityfocus.com/bid/100378	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:2788
https://access.redhat.com/errata/RHSA-2019:2403
https://github.com/hercules-team/augeas/pull/480	Third Party Advisory
https://puppet.com/security/cve/cve-2017-7555

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2017-08-17T00:00:00

Updated: 2019-08-07T13:06:20

Reserved: 2017-04-05T00:00:00

Link: CVE-2017-7555

JSON object: View

NVD Information

Status : Modified

Published: 2017-08-17T19:29:00.223

Modified: 2017-12-09T02:29:10.530

Link: CVE-2017-7555

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "augeas", "vendor": "Red Hat, Inc.", "versions": [{"status": "affected", "version": "up to and including 1.8.0"}]}], "datePublic": "2017-08-17T00:00:00", "descriptions": [{"lang": "en", "value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-08-07T13:06:20", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://puppet.com/security/cve/cve-2017-7555"}, {"name": "100378", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100378"}, {"name": "RHSA-2017:2788", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2788"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/hercules-team/augeas/pull/480"}, {"name": "DSA-3949", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3949"}, {"name": "RHSA-2019:2403", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2403"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2017-08-17T00:00:00", "ID": "CVE-2017-7555", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "augeas", "version": {"version_data": [{"version_value": "up to and including 1.8.0"}]}}]}, "vendor_name": "Red Hat, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-122"}]}]}, "references": {"reference_data": [{"name": "https://puppet.com/security/cve/cve-2017-7555", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/cve-2017-7555"}, {"name": "100378", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100378"}, {"name": "RHSA-2017:2788", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2788"}, {"name": "https://github.com/hercules-team/augeas/pull/480", "refsource": "MISC", "url": "https://github.com/hercules-team/augeas/pull/480"}, {"name": "DSA-3949", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3949"}, {"name": "RHSA-2019:2403", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2403"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7555", "datePublished": "2017-08-17T00:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2019-08-07T13:06:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E6A5F03-A1F0-42AC-BBCF-A37EC722618A", "versionEndIncluding": "1.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."}, {"lang": "es", "value": "Augeas en sus versiones hasta la 1.8.0 (esta incluida) es vulnerable a un desbordamiento de b\u00fafer basado en memoria din\u00e1mica debido a una gesti\u00f3n indebida de strings escapados. Un atacante podr\u00eda enviar strings manipulados que har\u00edan que la aplicaci\u00f3n que emplea Augeas copie y pegue el final de un b\u00fafer, provocando un bloqueo o una posible ejecuci\u00f3n de c\u00f3digo."}], "id": "CVE-2017-7555", "lastModified": "2017-12-09T02:29:10.530", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-17T19:29:00.223", "references": [{"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2017/dsa-3949"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100378"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2017:2788"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2019:2403"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/hercules-team/augeas/pull/480"}, {"source": "secalert@redhat.com", "url": "https://puppet.com/security/cve/cve-2017-7555"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-122"}], "source": "secalert@redhat.com", "type": "Secondary"}]}