Project

General

Profile

Actions
Copy link

Security #1364

closed

evasion issues

Added by Victor Julien almost 10 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
High
Assignee:
Victor Julien
Target version:
2.0.6
Affected Versions:
Label:
CVE:
2015-8954
Git IDs:

b09b20d7e2280fafd0282a6a566a65411ca5137f

Severity:
Disclosure Date:

Description

A logic error in MemcmpLowercase excluded the first byte from the compare. This can lead to FN/FP issues for all users of this function.

Affected:
  • HTTP multipart parsing might get confused, so file matching and extraction can fail
  • http_header keyword won't inspect specific headers:
  • with name Xookie (where X can be any byte but 'c'/'C')
  • with name Xet-cookie (where X can be any byte but 's'/'S')
  • fileext keyword can be bypassed
  • FTP 'ftpbounce' keyword may be bypassed
Actions
Copy link
 #1

Updated by Victor Julien almost 10 years ago

  • Description updated (diff)
  • % Done changed from 0 to 100
Actions
Copy link
 #2

Updated by Victor Julien almost 10 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Victor Julien almost 10 years ago

  • Status changed from Assigned to Closed
Actions
Copy link
 #4

Updated by Henri Salo about 8 years ago

CVE-2015-8954 has been assigned to this issue.

Actions
Copy link
 #5

Updated by Victor Julien about 4 years ago

  • Tracker changed from Bug to Security
  • CVE set to 2015-8954
  • Git IDs updated (diff)
Actions
Copy link

Also available in: Atom PDF