No Limit in length of username , results in memory consumption/DOS attack in ikus060/rdiffweb
Valid
Reported on
Sep 23rd 2022
Description
There must be a fixed maximum length for user input parameters such as the username. Allowing users to submit arbitrarily long strings may result in a DOS attack or memory corruption.
Proof of Concept
1) Go to the https://rdiffweb-demo.ikus-soft.com/admin/users endpoint.
2) Click on "Add user".
3) Here you will see that there is no limit on the username length, which allows a user to set a very long string of up to 1 million characters.
4) This may possibly result in memory corruption or a DOS attack.
Mitigation: There must be a fixed maximum length for the username, up to 256 characters.
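One way to implement the mitigation above, as an added example that is not rdiffweb's own code: reject the username on the server side before it reaches the user store, enforcing the 256-character limit the report proposes. The byte-length check (`MAX_USERNAME_BYTES`) is an assumption that the backing storage column is sized in bytes rather than characters; it is included because a 256-character limit alone still admits a 1024-byte UTF-8 string.

```python
# Added example (not rdiffweb's code): server-side username length validation.
# The 256-character limit follows the report's mitigation; the byte limit is an
# assumption about a byte-sized storage column.
MAX_USERNAME_CHARS = 256
MAX_USERNAME_BYTES = 256  # assumption: storage column is sized in bytes


class UsernameValidationError(ValueError):
    """Raised when a submitted username fails the length/format checks."""


def validate_username(value):
    """Return the normalised username, or raise UsernameValidationError.

    Checks run cheapest-first so an oversized input is rejected before any
    further processing (normalisation, uniqueness lookup, persistence).
    """
    if not isinstance(value, str):
        raise UsernameValidationError("username must be a string")
    # Character-count check first: O(1) on a str, rejects the 1-million-char
    # case from the proof of concept before we even strip or encode it.
    if len(value) > MAX_USERNAME_CHARS:
        raise UsernameValidationError(
            "username exceeds %d characters" % MAX_USERNAME_CHARS
        )
    value = value.strip()
    if not value:
        raise UsernameValidationError("username must not be empty")
    # Encoded size can exceed the character count for non-ASCII input, so the
    # storage-size limit is checked separately on the UTF-8 bytes.
    if len(value.encode("utf-8")) > MAX_USERNAME_BYTES:
        raise UsernameValidationError(
            "username exceeds %d bytes when UTF-8 encoded" % MAX_USERNAME_BYTES
        )
    return value


def check_username(value):
    """Non-raising wrapper: return (accepted, normalised_or_reason)."""
    try:
        return True, validate_username(value)
    except UsernameValidationError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs: a normal name, the oversized PoC-style input,
    # and a non-ASCII name that is short in characters but long in bytes.
    for sample in ("alice", "x" * 1_000_000, "\u00e9" * 200):
        ok, detail = check_username(sample)
        shown = sample if len(sample) <= 16 else "%s... (%d chars)" % (sample[:8], len(sample))
        print("%-28s -> %s: %s" % (shown, "accepted" if ok else "rejected", detail if not ok else "ok"))
```

In a CherryPy application such as rdiffweb this check belongs in the handler for the add-user form, before the value is passed to the user store; a request-body size limit at the web-server layer (CherryPy's `server.max_request_body_size` setting) is a complementary, coarser defence but does not replace a per-field limit.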
Impact
Allows an attacker to set a username with a very long string, leading to memory corruption or a possible DOS attack.
Occurrences
admin_users.html#L1-L122