ID

VAR-202106-1909


CVE

CVE-2017-20005


TITLE

NGINX  Integer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2017-015095

DESCRIPTION

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module. NGINX Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server of Nginx Company in the United States. NGINX has a security vulnerability before 1.13.6. The vulnerability stems from the fact that when the autoindex module encounters this file, it will cause an integer overflow. ========================================================================== Ubuntu Security Notice USN-5109-1 October 18, 2021 nginx vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: A security issue was fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: nginx 1.10.3-0ubuntu0.16.04.5+esm2 Ubuntu 14.04 ESM: nginx 1.4.6-1ubuntu3.9+esm3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5109-1 CVE-2017-20005

Trust: 1.8

sources: NVD: CVE-2017-20005 // JVNDB: JVNDB-2017-015095 // VULHUB: VHN-394033 // PACKETSTORM: 164541

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:f5model:nginxscope:ltversion:1.13.6

Trust: 1.0

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:f5model:nginxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2017-015095 // NVD: CVE-2017-20005

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-20005
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-20005
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202106-378
value: CRITICAL

Trust: 0.6

VULHUB: VHN-394033
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-20005
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-394033
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-20005
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-20005
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-394033 // JVNDB: JVNDB-2017-015095 // CNNVD: CNNVD-202106-378 // NVD: CVE-2017-20005

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

problemtype:Integer overflow or wraparound (CWE-190) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-394033 // JVNDB: JVNDB-2017-015095 // NVD: CVE-2017-20005

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 164541 // CNNVD: CNNVD-202106-378

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202106-378

PATCH

title:#1368 closed defect (fixed)url:https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html

Trust: 0.8

sources: JVNDB: JVNDB-2017-015095

EXTERNAL IDS

db:NVDid:CVE-2017-20005

Trust: 3.4

db:JVNDBid:JVNDB-2017-015095

Trust: 0.8

db:CNNVDid:CNNVD-202106-378

Trust: 0.7

db:PACKETSTORMid:164541

Trust: 0.7

db:AUSCERTid:ESB-2021.3462

Trust: 0.6

db:AUSCERTid:ESB-2021.1974

Trust: 0.6

db:VULHUBid:VHN-394033

Trust: 0.1

sources: VULHUB: VHN-394033 // JVNDB: JVNDB-2017-015095 // PACKETSTORM: 164541 // CNNVD: CNNVD-202106-378 // NVD: CVE-2017-20005

REFERENCES

url:https://security.netapp.com/advisory/ntap-20210805-0006/

Trust: 1.7

url:http://nginx.org/en/changes

Trust: 1.7

url:https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf

Trust: 1.7

url:https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b

Trust: 1.7

url:https://trac.nginx.org/nginx/ticket/1368

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2017-20005

Trust: 0.9

url:https://www.auscert.org.au/bulletins/esb-2021.3462

Trust: 0.6

url:https://packetstormsecurity.com/files/164541/ubuntu-security-notice-usn-5109-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1974

Trust: 0.6

url:https://ubuntu.com/security/notices/usn-5109-1

Trust: 0.1

sources: VULHUB: VHN-394033 // JVNDB: JVNDB-2017-015095 // PACKETSTORM: 164541 // CNNVD: CNNVD-202106-378 // NVD: CVE-2017-20005

CREDITS

Ubuntu

Trust: 0.1

sources: PACKETSTORM: 164541

SOURCES

db:VULHUBid:VHN-394033
db:JVNDBid:JVNDB-2017-015095
db:PACKETSTORMid:164541
db:CNNVDid:CNNVD-202106-378
db:NVDid:CVE-2017-20005

LAST UPDATE DATE

2024-08-14T13:43:27.932000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-394033date:2021-11-10T00:00:00
db:JVNDBid:JVNDB-2017-015095date:2022-02-22T07:06:00
db:CNNVDid:CNNVD-202106-378date:2023-05-15T00:00:00
db:NVDid:CVE-2017-20005date:2021-12-02T19:43:01.953

SOURCES RELEASE DATE

db:VULHUBid:VHN-394033date:2021-06-06T00:00:00
db:JVNDBid:JVNDB-2017-015095date:2022-02-22T00:00:00
db:PACKETSTORMid:164541date:2021-10-18T14:55:13
db:CNNVDid:CNNVD-202106-378date:2021-06-06T00:00:00
db:NVDid:CVE-2017-20005date:2021-06-06T22:15:08.417