CVE-2018-4013 - OpenCVE

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Live555	Live555 Media Server

Configuration 1 [-]

cpe:2.3:a:live555:live555_media_server:0.92:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

No data.

References

Link	Providers
http://lists.live555.com/pipermail/live-devel/2018-October/021071.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00020.html
https://security.gentoo.org/glsa/202005-06
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
https://www.debian.org/security/2018/dsa-4343

History

No history.

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2018-10-19T13:00:00Z

Updated: 2024-09-16T22:24:54.989Z

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-4013

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-10-19T13:29:00.680

Modified: 2022-06-07T17:21:41.500

Link: CVE-2018-4013

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "LIVE555 Media Server", "vendor": "Live Networks", "versions": [{"status": "affected", "version": "Version 0.92"}]}], "datePublic": "2018-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Stack-based buffer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-19T18:08:07", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos"}, "references": [{"name": "DSA-4343", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4343"}, {"name": "[live-devel] 20181017 New LIVE555 version - fixes a potential vulnerability in the RTSP server implementation", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.live555.com/pipermail/live-devel/2018-October/021071.html"}, {"name": "[debian-lts-announce] 20181120 [SECURITY] [DLA 1582-1] liblivemedia security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00020.html"}, {"name": "GLSA-202005-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202005-06"}, {"tags": ["x_refsource_MISC"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2018-10-18T00:00:00", "ID": "CVE-2018-4013", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "LIVE555 Media Server", "version": {"version_data": [{"version_value": "Version 0.92"}]}}]}, "vendor_name": "Live Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability."}]}, "impact": {"cvss": {"baseScore": 10, "baseSeverity": null, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Stack-based buffer overflow"}]}]}, "references": {"reference_data": [{"name": "DSA-4343", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4343"}, {"name": "[live-devel] 20181017 New LIVE555 version - fixes a potential vulnerability in the RTSP server implementation", "refsource": "MLIST", "url": "http://lists.live555.com/pipermail/live-devel/2018-October/021071.html"}, {"name": "[debian-lts-announce] 20181120 [SECURITY] [DLA 1582-1] liblivemedia security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00020.html"}, {"name": "GLSA-202005-06", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202005-06"}, {"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T05:04:28.266Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4343", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4343"}, {"name": "[live-devel] 20181017 New LIVE555 version - fixes a potential vulnerability in the RTSP server implementation", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.live555.com/pipermail/live-devel/2018-October/021071.html"}, {"name": "[debian-lts-announce] 20181120 [SECURITY] [DLA 1582-1] liblivemedia security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00020.html"}, {"name": "GLSA-202005-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202005-06"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684"}]}]}, "cveMetadata": {"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-4013", "datePublished": "2018-10-19T13:00:00Z", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-09-16T22:24:54.989Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:live555:live555_media_server:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "7009CDF5-615D-4108-A297-7EFF77E6522A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad explotable de ejecuci\u00f3n de c\u00f3digo en la funcionalidad HTTP packet-parsing de la biblioteca del servidor LIVE555 RTSP en su versi\u00f3n 0.92. Un paquete especialmente manipulado puede provocar un desbordamiento de b\u00fafer basado en pila que dar\u00eda lugar a la ejecuci\u00f3n de c\u00f3digo. Un atacante puede enviar un paquete para provocar esta vulnerabilidad."}], "id": "CVE-2018-4013", "lastModified": "2022-06-07T17:21:41.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-19T13:29:00.680", "references": [{"source": "talos-cna@cisco.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.live555.com/pipermail/live-devel/2018-October/021071.html"}, {"source": "talos-cna@cisco.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00020.html"}, {"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202005-06"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684"}, {"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4343"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}