Heap overflow in H. Spencer’s regex library

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2015-010 CVE-2015-2305 02/04/2015 low v1

Vulnerability details

A heap-based overflow was discovered in regcomp(3) function of Henry Spencer’s regular expression library.

This vulnerability requires a significant amount of control over regcomp function to be successfully exploited.

Impacted products

ProductsSeverityDetail
Fast360 low The product uses a vulnerable function of regcomp

Revisions

Version Date Description
v1 08/18/2015 Initial release


Fast360

CVSS v2 Overall Score: 3      

Analysis

Impacted version

Arkoon Fast360 products embed a vulnerable function of regcomp which is used mainly by the http proxy. However, the attacker have to pass a specially crafted regular expression to the regcomp function which is very unlikely to occur in the context of the http proxy.

  • Arkoon Fast360 5.0/1 to 5.0/34
  • Arkoon Fast360 6.0/1 to 6.0/8

Workaround solution

Solution

A patch is available in versions 5.0/35 and 6.0/9. These versions are available for download through our Early Access Release (EAR) program which can be accessed by registering to the community via https://open.arkoon.net/ear-acceder-a-nos-prochaines-version-en-avant-premiere

These versions will be made publicly available through our main update servers on 29 Sepetember 2015.

5.0/35 and 6.0/9 updates fix this vulnerability. You are strongly advised to update your appliances.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network High None None None Partial
CVSS Base score: 2.6 CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
High Official fix Confirmed
CVSS Temporal score: 2.2 CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P/E:H/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 3 CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P/E:H/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)