CPANSA-HTTP-Session2-2018-01: HTTP-Session2 vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2018-01-26T00:00:00	Engine	CSAF Perl Toolkit 0.26
Current release date	2018-01-26T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score	6.5	Severity	Critical
Original language		Language	en
Also referred to

Vulnerability Description

HTTP::Session2 1.09 does not validate session id, this causes RCE depending on the session store you use.

Vulnerabilities

CVE-2018-25160

Vulnerability Description

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend.

For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject memcached commands in the session id value.

Weakness	CWE-20 : Improper Input Validation

Product status

Known affected

Product

Score

HTTP-Session2 less than 1.10

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	6.5	Medium

Fixed

HTTP-Session2 greater than or equal 1.10

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-HTTP-Session2-2018-01 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2018/cpansa-http-session2-2018-01.json
https://metacpan.org/changes/distribution/HTTP-Session2 external
https://metacpan.org/changes/distribution/HTTP-Session2
https://github.com/tokuhirom/HTTP-Session2/commit/813838f6d08034b6a265a70e53b59b941b5d3e6d external
https://github.com/tokuhirom/HTTP-Session2/commit/813838f6d08034b6a265a70e53b59b941b5d3e6d
CVE-2018-25160 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2018-25160

Revision history

Version	Date of the revision	Summary of the revision
1	Fri Jan 26 00:00:00 2018	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/