CVE-2020-13432 - OpenCVE

rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Rejetto	Http File Server

Configuration 1 [-]

cpe:2.3:a:rejetto:http_file_server:2.3m:*:*:*:*:*:*:*

References

Link	Resource
http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt	Exploit Third Party Advisory
http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2020/Jun/13	Exploit Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2021/Apr/12
https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de	Patch Third Party Advisory
https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
https://www.rejetto.com/hfs/?f=wn	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-08T17:25:10

Updated: 2021-04-06T12:06:16

Reserved: 2020-05-24T00:00:00

Link: CVE-2020-13432

JSON object: View

NVD Information

Status : Modified

Published: 2020-06-08T18:15:11.710

Modified: 2021-04-06T13:15:13.887

Link: CVE-2020-13432

JSON object: View

Redhat Information

No data.

CWE

CWE-120

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-06-08T00:00:00", "descriptions": [{"lang": "en", "value": "rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-06T12:06:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.rejetto.com/hfs/?f=wn"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"tags": ["x_refsource_MISC"], "url": "http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt"}, {"tags": ["x_refsource_MISC"], "url": "https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"name": "20200609 CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Jun/13"}, {"name": "20210406 Trojan.Win32.Sharer.h / Known Vulnerable Component - Heap Corruption", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Apr/12"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13432", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.rejetto.com/hfs/?f=wn", "refsource": "MISC", "url": "https://www.rejetto.com/hfs/?f=wn"}, {"name": "https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de", "refsource": "MISC", "url": "https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de"}, {"name": "http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"name": "http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt", "refsource": "MISC", "url": "http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt"}, {"name": "https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html", "refsource": "MISC", "url": "https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"name": "20200609 CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Jun/13"}, {"name": "20210406 Trojan.Win32.Sharer.h / Known Vulnerable Component - Heap Corruption", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Apr/12"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13432", "datePublished": "2020-06-08T17:25:10", "dateReserved": "2020-05-24T00:00:00", "dateUpdated": "2021-04-06T12:06:16", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rejetto:http_file_server:2.3m:*:*:*:*:*:*:*", "matchCriteriaId": "578FE7E5-58F3-4CE0-9AC4-850FB81DD925", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers."}, {"lang": "es", "value": "rejetto HFS (tambi\u00e9n se conoce como HTTP File Server) versi\u00f3n v2.3m Build #300, cuando se utilizan archivos o carpetas virtuales, permite a atacantes remotos desencadenar una violaci\u00f3n de acceso de escritura de puntero no v\u00e1lido por medio de peticiones HTTP concurrentes con un URI largo o encabezados HTTP largos"}], "id": "CVE-2020-13432", "lastModified": "2021-04-06T13:15:13.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-08T18:15:11.710", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/Jun/13"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2021/Apr/12"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.rejetto.com/hfs/?f=wn"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}