Home > Vulnerability Database > CVE-2020-11939

Mend Vulnerability Database

CVE-2020-11939

Good to know:

Date: April 23, 2020

In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis.

Language: C

Severity Score

9.8

Related Resources (5)

Url: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi

Url: https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202

Url: https://security-tracker.debian.org/tracker/CVE-2020-11939

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-11939

Url: https://www.mend.io/vulnerability-database/CVE-2020-11939

Severity Score

9.8

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Top Fix

Upgrade Version

No fix version available

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend Vulnerability Database

We found results for “”

CVE-2020-11939

Good to know:

Date: April 23, 2020

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?