Vulnerability CVE-2014-8517


Published: 2014-11-17

Description:
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.

See advisories in our WLB2 database:
Topic
Author
Date
High
MacOS X 10.10 & FreeBSD10 ftp Remote Comand Execution
Jared Mcneill
28.10.2014
High
tnftp in MacOS X 10.10 & FreeBSD10 Remote Comand Execution Exploit
dash
04.12.2014

Vendor: Netbsd
Product: Netbsd 
Version:
6.1.5
6.1.4
6.1.3
6.1.2
6.1.1
6.1
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0
5.2.2
5.2.1
5.2
5.1.4
5.1.3
5.1.2
5.1.1
5.1
Vendor: Apple
Product: Mac os x 
Version:
10.9.5
10.8.5
10.10.1
10.10.0

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html
http://seclists.org/oss-sec/2014/q4/459
http://seclists.org/oss-sec/2014/q4/464
http://support.apple.com/HT204244
https://security.gentoo.org/glsa/201611-05
https://www.exploit-db.com/exploits/43112/

Related CVE
CVE-2019-6234
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary...
CVE-2019-6233
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary...
CVE-2019-6231
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory.
CVE-2019-6230
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
CVE-2019-6229
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scrip...
CVE-2019-6228
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2019-6227
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may le...
CVE-2019-6226
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web conte...

Copyright 2019, cxsecurity.com

 

Back to Top