Lucene search

VulDBCVELIST:CVE-2015-10088

HistoryMar 05, 2023 - 5:00 a.m.

CVE-2015-10088 ayttm proxy.c http_connect format string

2023-03-0505:00:05

CWE-134

VulDB

www.cve.org

vulnerability

format string

ayttm

http_connect

libproxy

remote attack

difficult exploitability

patch

vdb-222267

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

0.002

Percentile

54.5%

JSON

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 40e04680018614a7d2b68566b261b061a0597046. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222267.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "ayttm",
    "versions": [
      {
        "version": "0.5.0.0",
        "status": "affected"
      },
      {
        "version": "0.5.0.1",
        "status": "affected"
      },
      {
        "version": "0.5.0.2",
        "status": "affected"
      },
      {
        "version": "0.5.0.3",
        "status": "affected"
      },
      {
        "version": "0.5.0.4",
        "status": "affected"
      },
      {
        "version": "0.5.0.5",
        "status": "affected"
      },
      {
        "version": "0.5.0.6",
        "status": "affected"
      },
      {
        "version": "0.5.0.7",
        "status": "affected"
      },
      {
        "version": "0.5.0.8",
        "status": "affected"
      },
      {
        "version": "0.5.0.9",
        "status": "affected"
      },
      {
        "version": "0.5.0.10",
        "status": "affected"
      },
      {
        "version": "0.5.0.11",
        "status": "affected"
      },
      {
        "version": "0.5.0.12",
        "status": "affected"
      },
      {
        "version": "0.5.0.13",
        "status": "affected"
      },
      {
        "version": "0.5.0.14",
        "status": "affected"
      },
      {
        "version": "0.5.0.15",
        "status": "affected"
      },
      {
        "version": "0.5.0.16",
        "status": "affected"
      },
      {
        "version": "0.5.0.17",
        "status": "affected"
      },
      {
        "version": "0.5.0.18",
        "status": "affected"
      },
      {
        "version": "0.5.0.19",
        "status": "affected"
      },
      {
        "version": "0.5.0.20",
        "status": "affected"
      },
      {
        "version": "0.5.0.21",
        "status": "affected"
      },
      {
        "version": "0.5.0.22",
        "status": "affected"
      },
      {
        "version": "0.5.0.23",
        "status": "affected"
      },
      {
        "version": "0.5.0.24",
        "status": "affected"
      },
      {
        "version": "0.5.0.25",
        "status": "affected"
      },
      {
        "version": "0.5.0.26",
        "status": "affected"
      },
      {
        "version": "0.5.0.27",
        "status": "affected"
      },
      {
        "version": "0.5.0.28",
        "status": "affected"
      },
      {
        "version": "0.5.0.29",
        "status": "affected"
      },
      {
        "version": "0.5.0.30",
        "status": "affected"
      },
      {
        "version": "0.5.0.31",
        "status": "affected"
      },
      {
        "version": "0.5.0.32",
        "status": "affected"
      },
      {
        "version": "0.5.0.33",
        "status": "affected"
      },
      {
        "version": "0.5.0.34",
        "status": "affected"
      },
      {
        "version": "0.5.0.35",
        "status": "affected"
      },
      {
        "version": "0.5.0.36",
        "status": "affected"
      },
      {
        "version": "0.5.0.37",
        "status": "affected"
      },
      {
        "version": "0.5.0.38",
        "status": "affected"
      },
      {
        "version": "0.5.0.39",
        "status": "affected"
      },
      {
        "version": "0.5.0.40",
        "status": "affected"
      },
      {
        "version": "0.5.0.41",
        "status": "affected"
      },
      {
        "version": "0.5.0.42",
        "status": "affected"
      },
      {
        "version": "0.5.0.43",
        "status": "affected"
      },
      {
        "version": "0.5.0.44",
        "status": "affected"
      },
      {
        "version": "0.5.0.45",
        "status": "affected"
      },
      {
        "version": "0.5.0.46",
        "status": "affected"
      },
      {
        "version": "0.5.0.47",
        "status": "affected"
      },
      {
        "version": "0.5.0.48",
        "status": "affected"
      },
      {
        "version": "0.5.0.49",
        "status": "affected"
      },
      {
        "version": "0.5.0.50",
        "status": "affected"
      },
      {
        "version": "0.5.0.51",
        "status": "affected"
      },
      {
        "version": "0.5.0.52",
        "status": "affected"
      },
      {
        "version": "0.5.0.53",
        "status": "affected"
      },
      {
        "version": "0.5.0.54",
        "status": "affected"
      },
      {
        "version": "0.5.0.55",
        "status": "affected"
      },
      {
        "version": "0.5.0.56",
        "status": "affected"
      },
      {
        "version": "0.5.0.57",
        "status": "affected"
      },
      {
        "version": "0.5.0.58",
        "status": "affected"
      },
      {
        "version": "0.5.0.59",
        "status": "affected"
      },
      {
        "version": "0.5.0.60",
        "status": "affected"
      },
      {
        "version": "0.5.0.61",
        "status": "affected"
      },
      {
        "version": "0.5.0.62",
        "status": "affected"
      },
      {
        "version": "0.5.0.63",
        "status": "affected"
      },
      {
        "version": "0.5.0.64",
        "status": "affected"
      },
      {
        "version": "0.5.0.65",
        "status": "affected"
      },
      {
        "version": "0.5.0.66",
        "status": "affected"
      },
      {
        "version": "0.5.0.67",
        "status": "affected"
      },
      {
        "version": "0.5.0.68",
        "status": "affected"
      },
      {
        "version": "0.5.0.69",
        "status": "affected"
      },
      {
        "version": "0.5.0.70",
        "status": "affected"
      },
      {
        "version": "0.5.0.71",
        "status": "affected"
      },
      {
        "version": "0.5.0.72",
        "status": "affected"
      },
      {
        "version": "0.5.0.73",
        "status": "affected"
      },
      {
        "version": "0.5.0.74",
        "status": "affected"
      },
      {
        "version": "0.5.0.75",
        "status": "affected"
      },
      {
        "version": "0.5.0.76",
        "status": "affected"
      },
      {
        "version": "0.5.0.77",
        "status": "affected"
      },
      {
        "version": "0.5.0.78",
        "status": "affected"
      },
      {
        "version": "0.5.0.79",
        "status": "affected"
      },
      {
        "version": "0.5.0.80",
        "status": "affected"
      },
      {
        "version": "0.5.0.81",
        "status": "affected"
      },
      {
        "version": "0.5.0.82",
        "status": "affected"
      },
      {
        "version": "0.5.0.83",
        "status": "affected"
      },
      {
        "version": "0.5.0.84",
        "status": "affected"
      },
      {
        "version": "0.5.0.85",
        "status": "affected"
      },
      {
        "version": "0.5.0.86",
        "status": "affected"
      },
      {
        "version": "0.5.0.87",
        "status": "affected"
      },
      {
        "version": "0.5.0.88",
        "status": "affected"
      },
      {
        "version": "0.5.0.89",
        "status": "affected"
      }
    ]
  }
]

References

github.com/ayttm/ayttm/commit/40e04680018614a7d2b68566b261b061a0597046

sourceforge.net/p/ayttm/mailman/message/34397158/

vuldb.com/?ctiid.222267

vuldb.com/?id.222267

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

0.002

Percentile

54.5%

JSON

Related for CVELIST:CVE-2015-10088