| Field | Value |
|---|---|
| Title | No limit in length of "Name" parameter results in DoS attack / memory corruption in wallabag/wallabag |
| Source | ⚠️ https://github.com/wallabag/wallabag |
| User | Affan (UID 39417) |
| Submitted | 2023. 06. 30. PM 08:48 (3 years ago) |
| Moderation | 2023. 07. 08. PM 03:27 (8 days later) |
| Status | Accepted |
| VulDB entry | 233359 [wallabag 2.5.4 Profile Config /config Name denial of service] |
| Points | 20 |

## Description

VENDOR-GITHUBLINK: https://github.com/wallabag/wallabag
Vulnerability Type: CWE-770 (Allocation of Resources Without Limits or Throttling)
AFFECTED-VERSION: 2.5.4

### Steps To Reproduce

1. Navigate to https://app.wallabag.it/login and log in with your credentials.
2. After logging in, open the Profile/Config section, or go directly to https://app.wallabag.it/config.
3. Under "USER INFORMATION" you will see a field called "Name".
4. There is no length limit on the "Name" parameter, so a user can set a very long string, as long as 1 million characters.
5. This may result in memory corruption or a DoS attack.

### Mitigation

The "Name" parameter must have a fixed maximum length of 128 characters.

### Impact

Allows an attacker to set a "Name" with a long string, leading to memory corruption or a possible DoS attack.

### PROOF-OF-CONCEPT

- GITHUB-LINK: https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md
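The mitigation above, enforced server side, as an added illustration that is not wallabag's own code (wallabag is a PHP/Symfony project; this is a language-neutral sketch in Python). It applies the 128-character limit from the report and, as an assumed second layer, refuses oversized request bodies from the Content-Length header before anything is buffered; `MAX_BODY_BYTES`, `validate_name` and `accept_body` are names chosen here, not project settings.

```python
# Added example (not wallabag's own code): server-side enforcement of the
# 128-character "Name" limit the report proposes as mitigation for CWE-770,
# plus a request-body cap so oversized input is refused before parsing.
# MAX_NAME_CHARS comes from the report; MAX_BODY_BYTES is an assumed value.

import unicodedata

MAX_NAME_CHARS = 128          # limit from the report's mitigation section
MAX_BODY_BYTES = 64 * 1024    # assumed cap for the whole profile form


def validate_name(name, max_chars=MAX_NAME_CHARS):
    """Return (ok, reason). Counts characters after NFC normalisation so the
    count does not depend on whether the client sent composed or decomposed
    forms of the same text."""
    if not isinstance(name, str):
        return False, "name must be a string"
    normalised = unicodedata.normalize("NFC", name).strip()
    if not normalised:
        return False, "name must not be empty"
    if len(normalised) > max_chars:
        return False, "name exceeds %d characters" % max_chars
    return True, "ok"


def accept_body(content_length, max_bytes=MAX_BODY_BYTES):
    """Decide from the Content-Length header alone whether to read the body;
    refusing here keeps a multi-megabyte form out of memory entirely."""
    try:
        length = int(content_length)
    except (TypeError, ValueError):
        return False          # missing or malformed header: do not buffer
    return 0 <= length <= max_bytes


if __name__ == "__main__":
    # Constructed inputs mirroring the report: a normal name and a
    # 1,000,000-character one.
    print(validate_name("Alice"))
    print(validate_name("A" * 1_000_000))
    print(accept_body(str(1_000_000 + 200)))
```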