CVE-2013-0183

Published Mar 1, 2013

Last updated 2 years ago

Overview

Description: multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98CBCA07-8EEC-49D0-8C17-7887ABB63ED6"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93B65658-8E1B-4832-822A-1C3770B33BB9"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E9E3412-6D9C-46FC-806E-0E0D310D4DDE"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10A95FAF-3314-4F3F-8619-DAED41648AE3"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00901558-9028-4BDF-AFE6-502DF2632069"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A8CBC63-DBA8-4A4E-87D7-5B891CDF7091"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F6A8485-8F4B-42E8-81ED-84CE5CE8E27D"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBEE2AAF-1575-44F7-9B1B-87504E0425E0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A3DD73E-6BD4-4C18-A4B8-AFA6860A4585"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95E3FF6F-58C3-4491-BBD1-C4C13287A07D"
          },
          {
            "criteria": "cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C04A5634-62C7-4B01-B644-06A6A1D5A828"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References