var-201912-0787
Vulnerability from variot
An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server. GoAhead web Server applications contain a usage of freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Embedthis Software GoAhead is an embedded Web server of American Embedthis Software company. Attackers can exploit this vulnerability to damage the heap structure and execute code
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0787", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "goahead", "scope": "eq", "trust": 1.8, "vendor": "embedthis", "version": "4.1.1" }, { "model": "goahead", "scope": "eq", "trust": 1.8, "vendor": "embedthis", "version": "5.0.1" }, { "model": "goahead", "scope": "eq", "trust": 1.8, "vendor": "embedthis", "version": "3.6.5" }, { "model": "goahead", "scope": "eq", "trust": 0.8, "vendor": "embedthis", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:embedthis:goahead:3.6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:embedthis:goahead:5.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:embedthis:goahead:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-5096" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Discovered by a member of Cisco Talos.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-058" } ], "trust": 0.6 }, "cve": "CVE-2019-5096", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-5096", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-156531", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "talos-cna@cisco.com", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-5096", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-5096", "trust": 1.8, "value": "CRITICAL" }, { "author": "talos-cna@cisco.com", "id": "CVE-2019-5096", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201912-058", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-156531", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-5096", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-156531" }, { "db": "VULMON", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server. GoAhead web Server applications contain a usage of freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Embedthis Software GoAhead is an embedded Web server of American Embedthis Software company. Attackers can exploit this vulnerability to damage the heap structure and execute code", "sources": [ { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "VULHUB", "id": "VHN-156531" }, { "db": "VULMON", "id": "CVE-2019-5096" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-5096", "trust": 3.4 }, { "db": "TALOS", "id": "TALOS-2019-0888", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU93901424", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-012628", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201912-058", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2023.0511", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-156531", "trust": 0.1 }, { "db": "ICS CERT", "id": "ICSA-23-026-06", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-5096", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-156531" }, { "db": "VULMON", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "id": "VAR-201912-0787", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-156531" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:01:57.339000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "GoAhead", "trust": 0.8, "url": "https://www.embedthis.com/goahead/" }, { "title": "Embedthis Software GoAhead Remediation of resource management error vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=103856" }, { "title": "CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit", "trust": 0.1, "url": "https://github.com/papinnon/cve-2019-5096-goahead-web-server-dos-exploit " }, { "title": "SecBooks", "trust": 0.1, "url": "https://github.com/sexybeast233/secbooks " }, { "title": "CVE-POC", "trust": 0.1, "url": "https://github.com/0xt11/cve-poc " }, { "title": "PoC", "trust": 0.1, "url": "https://github.com/jonathan-elias/poc " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/developer3000s/poc-in-github " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/hectorgie/poc-in-github " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/nomi-sec/poc-in-github " } ], "sources": [ { "db": "VULMON", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.1 }, { "problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-156531" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://talosintelligence.com/vulnerability_reports/talos-2019-0888" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5096" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu93901424/" }, { "trust": 0.6, "url": "https://www.talosintelligence.com/vulnerability_reports/talos-2019-0888" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0511" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/416.html" }, { "trust": 0.1, "url": "https://github.com/papinnon/cve-2019-5096-goahead-web-server-dos-exploit" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-06" }, { "trust": 0.1, "url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111096" } ], "sources": [ { "db": "VULHUB", "id": "VHN-156531" }, { "db": "VULMON", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-156531" }, { "db": "VULMON", "id": "CVE-2019-5096" }, { "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "db": "NVD", "id": "CVE-2019-5096" }, { "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-12-03T00:00:00", "db": "VULHUB", "id": "VHN-156531" }, { "date": "2019-12-03T00:00:00", "db": "VULMON", "id": "CVE-2019-5096" }, { "date": "2019-12-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "date": "2019-12-03T22:15:14.823000", "db": "NVD", "id": "CVE-2019-5096" }, { "date": "2019-12-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-12-06T00:00:00", "db": "VULHUB", "id": "VHN-156531" }, { "date": "2022-06-17T00:00:00", "db": "VULMON", "id": "CVE-2019-5096" }, { "date": "2023-01-30T08:58:00", "db": "JVNDB", "id": "JVNDB-2019-012628" }, { "date": "2022-06-17T13:34:41.440000", "db": "NVD", "id": "CVE-2019-5096" }, { "date": "2023-01-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-058" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-058" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "GoAhead\u00a0web\u00a0 Use of freed memory vulnerability in server applications", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-012628" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-058" } ], "trust": 0.6 } }