CVE-2020-7455 (GCVE-0-2020-7455)
Vulnerability from cvelistv5 – Published: 2020-05-13 15:31 – Updated: 2024-08-04 09:25
VLAI
Summary
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).
Severity
5.5 (Medium)
CWE
- Out-of-bounds read
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://security.FreeBSD.org/advisories/FreeBSD-S… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2020051… | x_refsource_CONFIRM |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200518-0005/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FreeBSD",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FreeBSD 12.1-RELEASE before p5, 11.4-BETA1 before p1, and 11.3-RELEASE before p9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-19T14:06:13.000Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200518-0005/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secteam@freebsd.org",
"ID": "CVE-2020-7455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FreeBSD",
"version": {
"version_data": [
{
"version_value": "FreeBSD 12.1-RELEASE before p5, 11.4-BETA1 before p1, and 11.3-RELEASE before p9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc",
"refsource": "MISC",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200518-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200518-0005/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-661/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2020-7455",
"datePublished": "2020-05-13T15:31:36.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:25:48.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-7455",
"date": "2026-06-30",
"epss": "0.00523",
"percentile": "0.40352"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-7455\",\"sourceIdentifier\":\"secteam@freebsd.org\",\"published\":\"2020-05-13T16:15:13.120\",\"lastModified\":\"2024-11-21T05:37:10.720\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).\"},{\"lang\":\"es\",\"value\":\"En FreeBSD versiones 12.1-STABLE anteriores a r360973, versiones 12.1-RELEASE anteriores a p5, versiones 11.4-STABLE anteriores a r360973, versiones 11.4-BETA1 anteriores a p1 y versiones 11.3-RELEASE anteriores a p9, el manejador de paquetes FTP en libalias calcula incorrectamente la longitud de algunos paquetes permitiendo divulgar peque\u00f1as cantidades del kernel (para el kernel NAT) o espacio de proceso natd (para el espacio de usuario natd).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-772\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F35957CE-AF9F-40CA-BDD1-FA6A0E73783F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA929713-B797-494A-853D-C121D9D69519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA5006FF-06A5-4D95-BF5B-29F26248D11F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A705031B-FD63-4076-B92E-E826E11D7111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"11C1EFB1-68E5-45F4-A7E1-744574F290D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F649A7-9265-4552-8934-BCE083363982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F202C856-5B95-4796-AC4A-1F210E7BAB8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"9419C866-C478-4CDE-A9A1-E592D8FF0933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A865EA1-01D7-4E5A-9D13-80780F8A9D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80FBD1B-D03E-4408-9150-2F86FAF7F1D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD730B6A-F123-4685-ACB3-4F20AAAB77F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"508150E3-2C0C-4EEB-BFC9-BB5CEB404C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D692EF-A5D7-430E-91BA-4CD137343B66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D50C60A7-4C9F-4636-92E9-9F5B8B01BE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C49F6C7-A740-42F4-93BB-512CBF334516\"}]}]}],\"references\":[{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200518-0005/\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-661/\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200518-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-661/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…