Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 472400 (CVE-2013-3843) - <www-servers/monkeyd-1.2.2 : "mk_request_header_process()" Signedness Error Buffer Overflow Vulnerability (CVE-2013-3843)
Summary: <www-servers/monkeyd-1.2.2 : "mk_request_header_process()" Signedness Error B...
Status: RESOLVED FIXED
Alias: CVE-2013-3843
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/53697/
Whiteboard: B2 [glsa]
Keywords:
Depends on: CVE-2013-3724
Blocks:
  Show dependency tree
 
Reported: 2013-06-05 12:59 UTC by Agostino Sarubbo
Modified: 2013-09-25 17:14 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-06-05 12:59:53 UTC
From ${URL} :

Description
A vulnerability has been discovered in Monkey HTTP Daemon, which can be 
exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a signedness error in the 
"mk_request_header_process()" function (src/mk_request.c) when parsing 
the request and can be exploited to cause a stack-based buffer overflow.

The vulnerability is confirmed in version 1.2.0. Other versions may also 
be affected.


Solution
No official solution is currently available.

Provided and/or discovered by
Reported by dougsko in a bug report.

Original Advisory
http://bugs.monkey-project.com/ticket/182



@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Anthony Basile gentoo-dev 2013-06-05 20:37:15 UTC
Looks like upstream has a solution:

http://git.monkey-project.com/?p=monkey;a=commit;h=95d646e5de252bfaa8b68c39d0f48e5d82965d41
Comment 2 Anthony Basile gentoo-dev 2013-06-05 20:51:42 UTC
The patch is in the tree with monkeyd-1.2.0.
Comment 3 Anthony Basile gentoo-dev 2013-06-08 10:02:27 UTC
(In reply to Anthony Basile from comment #2)
> The patch is in the tree with monkeyd-1.2.0.

1.2.1 was released with the fix, so I pulled 1.2.0 and pushed 1.2.1
Comment 4 Sergey Popov gentoo-dev Security 2013-08-23 09:56:43 UTC
GLSA request filed
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2013-09-25 17:14:17 UTC
This issue was resolved and addressed in
 GLSA 201309-17 at http://security.gentoo.org/glsa/glsa-201309-17.xml
by GLSA coordinator Chris Reffett (creffett).