A vulnerability classified as critical has been found in Sandstorm Cap'n Proto up to 0.4.1.0/0.5.1.0. Affected is an unknown code block of the file layout.c++. The manipulation as part of a Message leads to a integer overflow vulnerability. CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation.

The bug was discovered 03/17/2015. The weakness was presented 08/09/2017 (oss-sec). The advisory is available at openwall.com. This vulnerability is traded as CVE-2015-2310 since 03/17/2015. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Technical details are known, but there is no available exploit.

The vulnerability was handled as a non-public zero-day exploit for at least 876 days. During that time the estimated underground price was around $0-$5k.

Upgrading to version 0.4.1.1 or 0.5.1.1 eliminates this vulnerability.

See VDB-105139, VDB-105140 and VDB-105141 for similar entries. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• Sandstorm

Name

• Cap'n Proto

Version

• 0.4.0
• 0.4.1
• 0.5.0
• 0.5.1

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion