Heap overflow in H. Spencer’s regex library

Advisory ID	CVE Number	Date discovered	Severity	Advisory revision
STORM-2015-010	CVE-2015-2305	02/04/2015	low	v1

Vulnerability details

A heap-based overflow was discovered in regcomp(3) function of Henry Spencer’s regular expression library.

This vulnerability requires a significant amount of control over regcomp function to be successfully exploited.

Products	Severity	Detail
Fast360	low	The product uses a vulnerable function of regcomp

Version	Date	Description
v1	08/18/2015	Initial release

Analysis	Impacted version
Arkoon Fast360 products embed a vulnerable function of regcomp which is used mainly by the http proxy. However, the attacker have to pass a specially crafted regular expression to the regcomp function which is very unlikely to occur in the context of the http proxy.	Arkoon Fast360 5.0/1 to 5.0/34 Arkoon Fast360 6.0/1 to 6.0/8

A patch is available in versions 5.0/35 and 6.0/9. These versions are available for download through our Early Access Release (EAR) program which can be accessed by registering to the community via https://open.arkoon.net/ear-acceder-a-nos-prochaines-version-en-avant-premiere

These versions will be made publicly available through our main update servers on 29 Sepetember 2015.

5.0/35 and 6.0/9 updates fix this vulnerability. You are strongly advised to update your appliances.

Access vector	Access complexity	Authentication	Confidentiality impact	Integrity impact	Availability impact
Network	High	None	None	None	Partial

CVSS Base score: 2.6	CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P)

Exploitability	Remediation Level	Report Confidence
High	Official fix	Confirmed

CVSS Temporal score: 2.2	CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P/E:H/RL:OF/RC:C)

Collateral Damage Potential	Target Distribution
Low	High [76-100%]

CVSS Environmental score: 3	CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P/E:H/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)