Lucene search
Nehalr777202DD03A-3D97-4C64-BC73-1A0F36614233HistorySep 24, 2022 - 5:36 a.m.
No Limit in length of root directory name , results in memory consumption/DOS attack
2022-09-2405:36:34
nehalr777
www.huntr.dev
8
fixed length
user input
dos attack
EPSS
0.001
Percentile
37.9%
Description
There must be a fixed length for user input parameters like root directory name. Allowing users to enter long strings may result in a DOS attack or memory corruption
Proof of Concept
1)Go to https://rdiffweb-demo.ikus-soft.com/admin/users endpoint .
2)Click on add user
3)Here you will see that there is no limit for the root directory name length that allows a user to to set a very long string as long as 1 million characters
4)This may possible result in a memory corruption/DOS attack
Mitigation: There must be a fixed length for the root directory name - upto 256 characters
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2022-09-26 13:15:00
veracode
veracode
Denial Of Service (DoS)
2022-09-27 05:59:25
cve
cve
CVE-2022-3295
2022-09-26 13:15:11
github
github
cnvd
cnvd
Rdiffweb Root Directory Name Denial of Service Vulnerability
2022-09-28 00:00:00
osv
osv
rdiffweb allows unlimited length of root directory name, which could result in DoS
2022-09-27 00:00:22
CVE-2022-3295
2022-09-26 13:15:11
PYSEC-2022-293
2022-09-26 13:15:00
nvd
nvd
CVE-2022-3295
2022-09-26 13:15:11