CVE-2010-2621
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 14268
Date de publication : 2010-07-07 22h00 +00:00
Auteur : Luigi Auriemma
EDB Vérifié : Yes
Source:
http://aluigi.org/adv/qtsslame-adv.txt
#######################################################################
Luigi Auriemma
Application: Qt
http://qt.nokia.com
Versions: <= 4.6.3
Platforms: Windows, Mac OS X, Linux, mobile devices
Bug: QSSLsocket endless loop
Exploitation: remote, versus server
Date: 29 Jun 2010
Author: Luigi Auriemma
e-mail: [email protected]
web: aluigi.org
#######################################################################
1) Introduction
2) Bug
3) The Code
4) Fix
#######################################################################
===============
1) Introduction
===============
From vendor's website:
"Qt is a cross-platform application and UI framework.
Using Qt, you can write web-enabled applications once and deploy them
across desktop, mobile and embedded operating systems without rewriting
the source code."
#######################################################################
======
2) Bug
======
The part of the network library which handles the SSL connection can be
tricked into an endless loop that freezes the whole application with
CPU at 100%.
The problem is located in the QSslSocketBackendPrivate::transmit()
function in src_network_ssl_qsslsocket_openssl.cpp that never exits
from the main "while" loop.
Any application that acts as a server (and client, but has no security
impact in this scenario) and uses SSL through the QSslSocket class is
vulnerable and some examples are the Mumble server (Murmur),
Multi-Computer Virtual Whiteboard and so on.
#######################################################################
===========
3) The Code
===========
http://aluigi.org/poc/qtsslame.zip
or
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34227.zip (qtsslame.zip)
#######################################################################
======
4) Fix
======
No fix.
#######################################################################
Products Mentioned
Configuraton 0
Digia>>Qt >> Version To (including) 4.6.3
- Digia>>Qt >> Version 1.41 (Open CPE detail)
- Digia>>Qt >> Version 1.42 (Open CPE detail)
- Digia>>Qt >> Version 1.43 (Open CPE detail)
- Digia>>Qt >> Version 1.44 (Open CPE detail)
- Digia>>Qt >> Version 1.45 (Open CPE detail)
- Digia>>Qt >> Version 2.0.0 (Open CPE detail)
- Digia>>Qt >> Version 2.0.1 (Open CPE detail)
- Digia>>Qt >> Version 2.0.2 (Open CPE detail)
- Digia>>Qt >> Version 3.3.0 (Open CPE detail)
- Digia>>Qt >> Version 3.3.1 (Open CPE detail)
- Digia>>Qt >> Version 3.3.2 (Open CPE detail)
- Digia>>Qt >> Version 3.3.3 (Open CPE detail)
- Digia>>Qt >> Version 3.3.4 (Open CPE detail)
- Digia>>Qt >> Version 3.3.5 (Open CPE detail)
- Digia>>Qt >> Version 3.3.6 (Open CPE detail)
- Digia>>Qt >> Version 4.0.0 (Open CPE detail)
- Digia>>Qt >> Version 4.0.1 (Open CPE detail)
- Digia>>Qt >> Version 4.1.0 (Open CPE detail)
- Digia>>Qt >> Version 4.1.1 (Open CPE detail)
- Digia>>Qt >> Version 4.1.2 (Open CPE detail)
- Digia>>Qt >> Version 4.1.3 (Open CPE detail)
- Digia>>Qt >> Version 4.1.4 (Open CPE detail)
- Digia>>Qt >> Version 4.1.5 (Open CPE detail)
- Digia>>Qt >> Version 4.2 (Open CPE detail)
- Digia>>Qt >> Version 4.2.0 (Open CPE detail)
- Digia>>Qt >> Version 4.2.1 (Open CPE detail)
- Digia>>Qt >> Version 4.2.3 (Open CPE detail)
- Digia>>Qt >> Version 4.3.0 (Open CPE detail)
- Digia>>Qt >> Version 4.3.1 (Open CPE detail)
- Digia>>Qt >> Version 4.3.2 (Open CPE detail)
- Digia>>Qt >> Version 4.3.3 (Open CPE detail)
- Digia>>Qt >> Version 4.3.4 (Open CPE detail)
- Digia>>Qt >> Version 4.3.5 (Open CPE detail)
- Digia>>Qt >> Version 4.4.0 (Open CPE detail)
- Digia>>Qt >> Version 4.4.1 (Open CPE detail)
- Digia>>Qt >> Version 4.4.2 (Open CPE detail)
- Digia>>Qt >> Version 4.4.3 (Open CPE detail)
- Digia>>Qt >> Version 4.5.0 (Open CPE detail)
- Digia>>Qt >> Version 4.5.1 (Open CPE detail)
- Digia>>Qt >> Version 4.5.2 (Open CPE detail)
- Digia>>Qt >> Version 4.5.3 (Open CPE detail)
- Digia>>Qt >> Version 4.6.0 (Open CPE detail)
- Digia>>Qt >> Version 4.6.0 (Open CPE detail)
- Digia>>Qt >> Version 4.6.1 (Open CPE detail)
- Digia>>Qt >> Version 4.6.2 (Open CPE detail)
- Digia>>Qt >> Version 4.6.3 (Open CPE detail)
Qt>>Qt >> Version 4.0.0
- Qt>>Qt >> Version 4.0.0 (Open CPE detail)
Qt>>Qt >> Version 4.0.1
- Qt>>Qt >> Version 4.0.1 (Open CPE detail)
Qt>>Qt >> Version 4.1.0
- Qt>>Qt >> Version 4.1.0 (Open CPE detail)
Qt>>Qt >> Version 4.1.1
- Qt>>Qt >> Version 4.1.1 (Open CPE detail)
Qt>>Qt >> Version 4.1.2
- Qt>>Qt >> Version 4.1.2 (Open CPE detail)
Qt>>Qt >> Version 4.1.3
- Qt>>Qt >> Version 4.1.3 (Open CPE detail)
Qt>>Qt >> Version 4.1.4
- Qt>>Qt >> Version 4.1.4 (Open CPE detail)
Qt>>Qt >> Version 4.1.5
- Qt>>Qt >> Version 4.1.5 (Open CPE detail)
Qt>>Qt >> Version 4.2.0
- Qt>>Qt >> Version 4.2.0 (Open CPE detail)
Qt>>Qt >> Version 4.2.1
- Qt>>Qt >> Version 4.2.1 (Open CPE detail)
Qt>>Qt >> Version 4.2.3
- Qt>>Qt >> Version 4.2.3 (Open CPE detail)
Qt>>Qt >> Version 4.3.0
- Qt>>Qt >> Version 4.3.0 (Open CPE detail)
Qt>>Qt >> Version 4.3.1
- Qt>>Qt >> Version 4.3.1 (Open CPE detail)
Qt>>Qt >> Version 4.3.2
- Qt>>Qt >> Version 4.3.2 (Open CPE detail)
Qt>>Qt >> Version 4.3.3
- Qt>>Qt >> Version 4.3.3 (Open CPE detail)
Qt>>Qt >> Version 4.3.4
- Qt>>Qt >> Version 4.3.4 (Open CPE detail)
Qt>>Qt >> Version 4.3.5
- Qt>>Qt >> Version 4.3.5 (Open CPE detail)
Qt>>Qt >> Version 4.4.0
- Qt>>Qt >> Version 4.4.0 (Open CPE detail)
Qt>>Qt >> Version 4.4.1
- Qt>>Qt >> Version 4.4.1 (Open CPE detail)
Qt>>Qt >> Version 4.4.2
- Qt>>Qt >> Version 4.4.2 (Open CPE detail)
Qt>>Qt >> Version 4.4.3
- Qt>>Qt >> Version 4.4.3 (Open CPE detail)
Qt>>Qt >> Version 4.5.0
- Qt>>Qt >> Version 4.5.0 (Open CPE detail)
Qt>>Qt >> Version 4.5.1
- Qt>>Qt >> Version 4.5.1 (Open CPE detail)
Qt>>Qt >> Version 4.5.2
- Qt>>Qt >> Version 4.5.2 (Open CPE detail)
Qt>>Qt >> Version 4.5.3
- Qt>>Qt >> Version 4.5.3 (Open CPE detail)
Qt>>Qt >> Version 4.6.0
- Qt>>Qt >> Version 4.6.0 (Open CPE detail)
- Qt>>Qt >> Version 4.6.0 (Open CPE detail)
Qt>>Qt >> Version 4.6.0
- Qt>>Qt >> Version 4.6.0 (Open CPE detail)
Qt>>Qt >> Version 4.6.1
- Qt>>Qt >> Version 4.6.1 (Open CPE detail)
Qt>>Qt >> Version 4.6.2
- Qt>>Qt >> Version 4.6.2 (Open CPE detail)
Références
http://qt.gitorious.org/qt/qt/commit/c25c7c9bdfade6b906f37ac8bad44f6f0de57597
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
2025©
tesweb SA
