CVE-2015-5718 - Vulnerability Details - OpenCVE

Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00739.

Key SSVC decision points have not yet been added.

Vendors	Products
Websense	Content Gateway

Configuration 1 [-]

cpe:2.3:a:websense:content_gateway:8.0.0:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2015-5665	Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2015/Aug/8
http://www.securityfocus.com/archive/1/536138/100/0/threaded
http://www.securitytracker.com/id/1033263
http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-08-12T14:00:00

Updated: 2024-08-06T06:59:04.384Z

Reserved: 2015-08-03T00:00:00

Link: CVE-2015-5718

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-08-12T14:59:26.167

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-5718

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Aug/8"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/536138/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt"}, {"name": "1033263", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033263"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5718", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway", "refsource": "CONFIRM", "url": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway"}, {"name": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Aug/8"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536138/100/0/threaded"}, {"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt", "refsource": "MISC", "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt"}, {"name": "1033263", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033263"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:59:04.384Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2015/Aug/8"}, {"name": "20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/536138/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt"}, {"name": "1033263", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033263"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5718", "datePublished": "2015-08-12T14:00:00", "dateReserved": "2015-08-03T00:00:00", "dateUpdated": "2024-08-06T06:59:04.384Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:websense:content_gateway:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "072DDD6D-E878-469F-B933-D0F542A1D65A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi."}, {"lang": "es", "value": "Desbordamiento del buffer basado en pila en la funci\u00f3n handle_debug_network en el gestor en Websense Content Gateway en versiones anteriores a la 8.0.0 HF02, permite a administradores remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una petici\u00f3n de diagn\u00f3stico de l\u00ednea de comando manipulada a submit_net_debug.cgi."}], "id": "CVE-2015-5718", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-08-12T14:59:26.167", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2015/Aug/8"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/536138/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033263"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/132968/Websense-Triton-Content-Manager-8.0.0-Build-1165-Buffer-Overflow.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2015/Aug/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/536138/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033263"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.websense.com/support/article/kbarticle/v8-0-0-About-Hotfix-02-for-Websense-Content-Gateway"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150805-0_Websense_Content_Gateway_stack_buffer_overflow_in_handle_debug_network_v10.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}