CVE-2016-5301 : The parse_chunk_header function in libtorrent before 1.1.1 allows remote attacke

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.

Published 2016-06-30 17:59:10

Updated 2018-10-30 16:27:36

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2016-5301

Opensuse » Opensuse » Version: 13.2
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 42.1
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Matching versions
Arvidn » Libtorrent
Versions up to, including, (<=) 1.1
cpe:2.3:a:arvidn:libtorrent:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-5301

EPSS FAQ

1.39%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 79 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-5301

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-5301

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-5301

http://www.securityfocus.com/bid/91498

Libtorrent CVE-2016-5301 Denial of Service Vulnerability
http://lists.opensuse.org/opensuse-updates/2016-06/msg00079.html

openSUSE-SU-2016:1635-1: moderate: Security update for libtorrent-raster
https://github.com/arvidn/libtorrent/pull/782/files

fixed crash on invalid input in http_parser by arvidn · Pull Request #782 · arvidn/libtorrent · GitHub
http://www.openwall.com/lists/oss-security/2016/06/04/9

oss-security - Libtorrent http_parser.cpp denial of service
http://lists.opensuse.org/opensuse-updates/2016-06/msg00103.html

openSUSE-SU-2016:1683-1: moderate: Security update for libtorrent-raster
http://lists.opensuse.org/opensuse-updates/2016-09/msg00043.html

openSUSE-SU-2016:2283-1: moderate: Recommended update for libtorrent-ras
http://www.openwall.com/lists/oss-security/2016/06/05/1

oss-security - Re: Libtorrent http_parser.cpp denial of service
https://github.com/arvidn/libtorrent/issues/780

Libtorrent crashes while parsing invalid chunked HTTP or UPnP response · Issue #780 · arvidn/libtorrent · GitHub

Jump to

Vulnerability Details : CVE-2016-5301

Products affected by CVE-2016-5301

Exploit prediction scoring system (EPSS) score for CVE-2016-5301

CVSS scores for CVE-2016-5301

CWE ids for CVE-2016-5301

References for CVE-2016-5301