CVE-2016-1901 - OpenCVE

Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cgit Project	Cgit
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html
http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html
http://www.debian.org/security/2016/dsa-3545
http://www.openwall.com/lists/oss-security/2016/01/14/3
http://www.openwall.com/lists/oss-security/2016/01/14/6

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-01-20T16:00:00

Updated: 2024-08-05T23:10:40.011Z

Reserved: 2016-01-14T00:00:00

Link: CVE-2016-1901

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-01-20T16:59:05.880

Modified: 2016-12-07T18:33:10.217

Link: CVE-2016-1901

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-13T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"}, {"name": "openSUSE-SU-2016:0218", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"}, {"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"}, {"name": "FEDORA-2016-e5a5fb196f", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"}, {"name": "openSUSE-SU-2016:0196", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"}, {"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"}, {"name": "DSA-3545", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3545"}, {"name": "FEDORA-2016-215b507409", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-1901", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"}, {"name": "openSUSE-SU-2016:0218", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"}, {"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released", "refsource": "MLIST", "url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"}, {"name": "FEDORA-2016-e5a5fb196f", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"}, {"name": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763", "refsource": "CONFIRM", "url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"}, {"name": "openSUSE-SU-2016:0196", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"}, {"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"}, {"name": "DSA-3545", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3545"}, {"name": "FEDORA-2016-215b507409", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:10:40.011Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"}, {"name": "openSUSE-SU-2016:0218", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"}, {"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"}, {"name": "FEDORA-2016-e5a5fb196f", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"}, {"name": "openSUSE-SU-2016:0196", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"}, {"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"}, {"name": "DSA-3545", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3545"}, {"name": "FEDORA-2016-215b507409", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-1901", "datePublished": "2016-01-20T16:00:00", "dateReserved": "2016-01-14T00:00:00", "dateUpdated": "2024-08-05T23:10:40.011Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF3ADACB-C9F2-4EFB-8B07-AADA98BE5FA8", "versionEndIncluding": "0.11.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."}, {"lang": "es", "value": "Desbordamiento de enteros en la funci\u00f3n authenticate_post en CGit en versiones anteriores a 0.12 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un gran valor en la cabecera HTTP Content-Length, lo que desencadena un desbordamiento del buffer."}], "id": "CVE-2016-1901", "lastModified": "2016-12-07T18:33:10.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-20T16:59:05.880", "references": [{"source": "cve@mitre.org", "url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3545"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}