axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Blough (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (AXIS2C-1661) vulnerability : buffer overflow in axis2/c http client
Date Tue, 04 Dec 2018 02:56:00 GMT

     [ https://issues.apache.org/jira/browse/AXIS2C-1661?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Bill Blough closed AXIS2C-1661.
-------------------------------

> vulnerability : buffer overflow in axis2/c http client
> ------------------------------------------------------
>
>                 Key: AXIS2C-1661
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1661
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: core/transport
>    Affects Versions: 1.6.0, 1.7.0, Current (Nightly)
>         Environment: Any, axis2/c built with native http sender (no libcurl)
>            Reporter: Gilles Gagniard
>            Priority: Critical
>              Labels: overflow, patch, security
>             Fix For: 1.7.0
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> With axis2/c used as a client using http transport, if a malicious server begins its
reply with more than 512 bytes without CRLF (ie. in place of the response status), this causes
a stack overflow in the client. Remote code execution is certainly possible.
> Please find a fix for this vulnerability here :
> https://github.com/gillesgagniard/wso2-wsf-cpp-gg/commit/976f9c60ccade30ae3fe1a2bddbaeb1fdc9e000a



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message