Submission #176266: No limit in length of "Name" parameter results in DoS attack / memory corruption in wallabag/wallabag

Title: No limit in length of "Name" parameter results in DoS attack / memory corruption in wallabag/wallabag

Description:

VENDOR-GITHUBLINK: https://github.com/wallabag/wallabag
Vulnerability Type: CWE-770 (Allocation of Resources Without Limits or Throttling)
AFFECTED-VERSION: 2.5.4

## Steps To Reproduce

1. Navigate to this URL https://app.wallabag.it/login and log in with your credentials.
2. After logging in, move to your Profile-Config section or to this URL: https://app.wallabag.it/config
3. Navigate to "USER INFORMATION". You will see a field called "Name".
4. Here you will see that there is no limit for the "Name" parameter, which allows a user to set a very long string, as long as 1 million characters.
5. This may possibly result in a memory corruption/DoS attack.

Mitigation: There must be a fixed length for the "Name" parameter, up to 128 characters.

Impact: Allows an attacker to set a "Name" with a long string, leading to memory corruption/possible DoS attack.

## PROOF-OF-CONCEPT

GITHUB-LINK: https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md
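The mitigation the report asks for, a server-side length limit on the profile "Name" field, is shown below as an added example. This is not wallabag's code and not the submitter's proof of concept; the 128-character limit follows the report's suggestion, and the function names, the array-based user record and the constructed one-million-character input are assumptions for illustration. It contrasts the unchecked update with one that rejects over-long input before anything is allocated further down the stack (ORM, database, templates).

```php
<?php
// Added example (not wallabag's code): server-side length validation for a
// profile "Name" field, following the 128-character limit the report suggests.
// Function names, the user record shape and the sample input are assumptions.

declare(strict_types=1);

const NAME_MAX_LENGTH = 128;

/**
 * Validate a display name before it reaches the ORM / database.
 * Returns an empty array when valid, otherwise a list of error messages.
 */
function validateDisplayName(string $name): array
{
    $errors = [];

    // Count characters, not bytes: a 128-character name in a multibyte script
    // can be several hundred bytes, so strlen() would reject valid input,
    // while mb_strlen() enforces the intended limit consistently.
    $length = mb_strlen($name, 'UTF-8');

    if ($length === 0) {
        $errors[] = 'Name must not be empty.';
    }
    if ($length > NAME_MAX_LENGTH) {
        $errors[] = sprintf(
            'Name must be at most %d characters (got %d).',
            NAME_MAX_LENGTH,
            $length
        );
    }
    return $errors;
}

// Before (the behaviour the report describes): the value is accepted unchecked,
// so an arbitrarily long string is stored and rendered wherever the name appears.
function updateNameUnchecked(array &$user, string $name): void
{
    $user['name'] = $name;
}

// After: refuse over-long input with a client error before storing it.
function updateNameChecked(array &$user, string $name): void
{
    $errors = validateDisplayName($name);
    if ($errors !== []) {
        // In a web controller this becomes an HTTP 400/422 with the messages.
        throw new InvalidArgumentException(implode(' ', $errors));
    }
    $user['name'] = $name;
}

// Constructed demo input: a one-million-character name like the one in the report.
$user = ['name' => 'alice'];
$longName = str_repeat('A', 1_000_000);

try {
    updateNameChecked($user, $longName);
} catch (InvalidArgumentException $e) {
    // Prints: Name must be at most 128 characters (got 1000000).
    echo $e->getMessage(), PHP_EOL;
}

// A short, well-formed name passes and is stored.
updateNameChecked($user, 'Affan');
echo $user['name'], PHP_EOL;
```

In a Symfony application such as wallabag the same rule is normally declared on the entity property with the Validator component's `Length` constraint (`Assert\Length(max: 128)`) and mirrored by the Doctrine column length, so the form layer, the entity and the database schema all enforce one limit. Capping the request body size at the web server or framework level is a separate, complementary control: it rejects oversized submissions before the application allocates anything for them.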
Source: https://github.com/wallabag/wallabag
User: Affan (UID 39417)
Submission: 2023-06-30 20:48 (3 years ago)
Moderation: 2023-07-08 15:27 (8 days later)
Status: Accepted
VulDB entry: 233359 [wallabag 2.5.4 Profile Config /config Name denial of service]
Points: 20
