Tuesday, January 26, 2021

Vulnerability Spotlight: Denial-of-service vulnerabilities in Micrium uc-HTTP’s HTTP server



Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered two vulnerabilities in Micrium uc-HTTP’s HTTP server that could cause denial-of-service conditions. An attacker could trigger these vulnerabilities by targeting the user machine with specially crafted HTTP requests. The uC-HTTP server implementation is designed to be used on embedded systems running the µC/OS II or µC/OS III RTOS kernels. This HTTP server supports many features, including persistent connections, form processing, chunked transfer encoding, HTTP header fields processing, HTTP query string processing and dynamic content.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Micrium to disclose these vulnerabilities and ensure that an update is available.


Vulnerability details

Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability (TALOS-2020-1193/CVE-2020-13582)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information. 

Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability (TALOS-2020-1194/CVE-2020-13583)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.


Versions tested

Talos tested and confirmed that these vulnerabilities affect Micrium uC-HTTP, version 3.01.00.


Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 56199

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.