CVE-2017-15710 in HTTP Serverinfo

Summary

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

10/21/2017

Disclosure

03/26/2018

Moderation

VulDB entry created

Entries

VDB-115038 (1)

CPE

ready

CWE

CWE-787 (Confirmed)

CVSS

6.4

EPSS

0.08002

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-15710
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-15710
CVE Details	https://www.cvedetails.com/cve/CVE-2017-15710/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!