CVE-2023-27371

medium

Description

GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.

References

https://lists.gnu.org/archive/html/libmicrohttpd/2023-02/msg00000.html

https://lists.debian.org/debian-lts-announce/2023/03/msg00029.html

https://github.com/0xhebi/CVEs/tree/main/GNU%20Libmicrohttpd

https://git.gnunet.org/libmicrohttpd.git/commit/?id=6d6846e20bfdf4b3eb1b592c97520a532f724238

Details

Source: Mitre, NVD

Published: 2023-02-28

Updated: 2023-03-31

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium