CVE-2023-2905 - OpenCVE

Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Cesanta	Mongoose

Configuration 1 [-]

cpe:2.3:a:cesanta:mongoose:7.10:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/cesanta/mongoose/pull/2274	Patch
https://github.com/cesanta/mongoose/releases/tag/7.11	Release Notes
https://takeonme.org/cves/CVE-2023-2905.html	Exploit Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: AHA

Published: 2023-08-09T04:46:14.972Z

Updated: 2023-08-09T04:46:14.972Z

Reserved: 2023-05-26T00:46:11.667Z

Link: CVE-2023-2905

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-08-09T05:15:40.740

Modified: 2023-08-16T20:49:56.363

Link: CVE-2023-2905

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-2905", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2023-05-26T00:46:11.667Z", "datePublished": "2023-08-09T04:46:14.972Z", "dateUpdated": "2023-08-09T04:46:14.972Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mongoose", "vendor": "Cesanta", "versions": [{"status": "affected", "version": "7.10"}, {"status": "unaffected", "version": "7.11"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH </span><span style=\"background-color: rgb(255, 255, 255);\">parsed message with a variable length header, Cesanta Mongoose, an </span><span style=\"background-color: rgb(255, 255, 255);\">embeddable web server, version 7.10 is </span><span style=\"background-color: rgb(255, 255, 255);\">susceptible to a heap-based buffer overflow vulnerability in the default configuration. </span><span style=\"background-color: rgb(255, 255, 255);\">Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.</span><br>"}], "value": "Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH\u00a0parsed message with a variable length header, Cesanta Mongoose, an\u00a0embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2023-08-09T04:46:14.972Z"}, "references": [{"tags": ["third-party-advisory", "technical-description", "exploit"], "url": "https://takeonme.org/cves/CVE-2023-2905.html"}, {"tags": ["patch"], "url": "https://github.com/cesanta/mongoose/pull/2274"}, {"tags": ["release-notes"], "url": "https://github.com/cesanta/mongoose/releases/tag/7.11"}], "source": {"discovery": "EXTERNAL"}, "title": "Cesanta Mongoose MQTT Message Parsing Heap Overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}