APP: ZeroMQ CVE-2019-13132 Stack-Based Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the ZeroMQ libzmq. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the service.
Extended Description
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.
Affected Products
Fedoraproject fedora
Short Name
APP:MISC:ZEROMQ-BO
Severity
Major
Recommended
False
Recommended Action
None
Category
APP
Keywords
Buffer CVE-2019-13132 Overflow Stack-Based ZeroMQ bid:109284
Release Date
08/19/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
Port
TCP/12345,5560
False Positive
Rarely
Vendors
Zeromq
Fedoraproject
Debian
Canonical
CVSS Score
7.5