J-Security Center

Title: Hashcash Remote Heap Buffer Overflow Vulnerability

Severity: HIGH

Description:

Hashcash is a denial-of-service countermeasure to help Hashcash users avoid losing email due to anti-spam systems. Implementations exist for multiple platforms in multiple programming languages.

A buffer-overflow vulnerability exists in the generic C implementation of Hashcash. This issue is due to the software's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue presents itself due to the 'array_push()' function failing to allocate sufficient memory in a 'realloc()' call. This may result in heap memory being overwritten with attacker-supplied data.

This issue may allow attackers to execute arbitrary machine code in the context of the affected application. This may facilitate the remote compromise of affected computers.

Hashcash versions prior to 1.21 are vulnerable to this issue.

Affected Products:

  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 alpha
  • Debian Linux 3.1.0 amd64
  • Debian Linux 3.1.0 arm
  • Debian Linux 3.1.0 hppa
  • Debian Linux 3.1.0 ia-32
  • Debian Linux 3.1.0 ia-64
  • Debian Linux 3.1.0 m68k
  • Debian Linux 3.1.0 mips
  • Debian Linux 3.1.0 mipsel
  • Debian Linux 3.1.0 ppc
  • Debian Linux 3.1.0 s/390
  • Debian Linux 3.1.0 sparc
  • Gentoo Linux
  • Hashcash Hashcash 1.0.0
  • Hashcash Hashcash 1.0.0 1
  • Hashcash Hashcash 1.0.0 2
  • Hashcash Hashcash 1.0.0 3
  • Hashcash Hashcash 1.0.0 4
  • Hashcash Hashcash 1.0.0 5
  • Hashcash Hashcash 1.0.0 6
  • Hashcash Hashcash 1.0.0 7
  • Hashcash Hashcash 1.0.0 8
  • Hashcash Hashcash 1.0.0 9
  • Hashcash Hashcash 1.10.0
  • Hashcash Hashcash 1.11.0
  • Hashcash Hashcash 1.12.0
  • Hashcash Hashcash 1.13.0
  • Hashcash Hashcash 1.14.0
  • Hashcash Hashcash 1.15.0
  • Hashcash Hashcash 1.16.0
  • Hashcash Hashcash 1.17.0
  • Hashcash Hashcash 1.18
  • Hashcash Hashcash 1.19
  • Hashcash Hashcash 1.20

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.