Vulnerability Details : CVE-2017-8807
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.
Vulnerability category: Overflow
Products affected by CVE-2017-8807
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:varnish-cache:varnish:*:*:*:*:*:*:*:*
- cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*
Threat overview for CVE-2017-8807
Top countries where our scanners detected CVE-2017-8807
Top open port discovered on systems with this issue
80
IPs affected by CVE-2017-8807 493
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2017-8807!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2017-8807
1.68%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-8807
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST | |
9.1
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
3.9
|
5.2
|
NIST |
CWE ids for CVE-2017-8807
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8807
-
https://bugs.debian.org/881808
#881808 - varnish: CVE-2017-8807: Data leak - '-sfile' Stevedore transient objects - Debian Bug report logsIssue Tracking;Third Party Advisory
-
https://github.com/varnishcache/varnish-cache/commit/176f8a075a963ffbfa56f1c460c15f6a1a6af5a7
Avoid buffer read overflow on vcl_error and -sfile · varnishcache/varnish-cache@176f8a0 · GitHubPatch;Vendor Advisory
-
https://www.debian.org/security/2017/dsa-4034
Debian -- Security Information -- DSA-4034-1 varnishThird Party Advisory
-
https://github.com/varnishcache/varnish-cache/pull/2429
bugfix : coredump causes by memcpy in vbf_stp_error by shamger · Pull Request #2429 · varnishcache/varnish-cache · GitHubIssue Tracking;Vendor Advisory
-
http://varnish-cache.org/security/VSV00002.html
VSV00002 Data leak - ‘-sfile’ Stevedore transient objects — Varnish HTTP CachePatch;Vendor Advisory
-
http://www.securityfocus.com/bid/101886
Varnish Cache CVE-2017-8807 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
Jump to