CVE-2018-5704

NameCVE-2018-5704
DescriptionOpen On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1253-1, DSA-4093-1
NVD severityhigh (attack range: remote)
Debian Bugs887488

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openocd (PTS)jessie (security), jessie0.8.0-4+deb7u1fixed
stretch (security), stretch0.9.0-1+deb8u1fixed
buster, sid0.10.0-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openocdsource(unstable)0.10.0-4high887488
openocdsourcejessie0.8.0-4+deb7u1highDSA-4093-1
openocdsourcestretch0.9.0-1+deb8u1highDSA-4093-1
openocdsourcewheezy0.5.0-1+deb7u1highDLA-1253-1

Notes

https://sourceforge.net/p/openocd/mailman/message/36188041/
http://openocd.zylin.com/4330
http://openocd.zylin.com/4331
http://openocd.zylin.com/4335

Search for package or bug name: Reporting problems