Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2900 to the following vulnerability:

Name: CVE-2011-2900
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2900
Assigned: 20110727
Reference: http://www.openwall.com/lists/oss-security/2011/08/03/5
Reference: http://www.openwall.com/lists/oss-security/2011/08/03/9
Reference: https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0
Reference: http://www.securityfocus.com/bid/48980
Reference: http://secunia.com/advisories/45464
Reference: http://xforce.iss.net/xforce/xfdb/68991

Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.

In mongoose, the only guard against a buffer overflow is the assert call in put_dir(), which is disabled if mongoose is compiled with -DNDEBUG (which is _not_ the case in Fedora). This means that the assert is triggered, resulting in a denial of service only.

Fedora is compiled as follows:

/usr/bin/make 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -DSSL_LIB='''"libssl.so.10"''' -DCRYPTO_LIB='''"libcrypto.so.10"'''' linux
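
The assert-only guard described above, next to a bound check that survives -DNDEBUG, as an added example (not code from mongoose or from this report). The function names, the 64-byte buffer size and the sample path are constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PREFIX_MAX 64 /* constructed size, not taken from mongoose */

/* Pattern from the report: assert() is the only bound check. With -DNDEBUG
 * it expands to nothing; without it an oversized prefix aborts the process. */
int copy_prefix_assert_only(char *buf, size_t buflen, const char *path, size_t len)
{
    assert(len < buflen);
    memcpy(buf, path, len);
    buf[len] = '\0';
    return 0;
}

/* Hardened form: the check is ordinary control flow, so it survives
 * -DNDEBUG and the caller can reject the request instead of aborting. */
int copy_prefix_checked(char *buf, size_t buflen, const char *path, size_t len)
{
    if (len >= buflen)
        return -1;
    memcpy(buf, path, len);
    buf[len] = '\0';
    return 0;
}

/* Visit every '/'-terminated prefix of a PUT target path. Returns the number
 * of prefixes, or -1 if one does not fit in the fixed-size buffer. */
int walk_put_path(const char *path)
{
    char buf[PREFIX_MAX];
    const char *s = path, *p;
    int n = 0;
    while ((p = strchr(s, '/')) != NULL) {
        if (copy_prefix_checked(buf, sizeof buf, path, (size_t)(p - path)) != 0)
            return -1;
        n++;
        s = p + 1;
    }
    return n;
}

int main(void)
{
    printf("%d\n", walk_put_path("/a/b/c.txt")); /* constructed sample path */
    return 0;
}
```
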
Created mongoose tracking bugs for this issue

Affects: fedora-all [bug 729146]