Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-20314: Remote stack buffer overflow in libspf2

Related Vulnerabilities: CVE-2021-20314  
Source 
                #### Description

#### Attack type

Remote

#### Impact

(x) Code Execution (x) Denial of Service

#### Attack vector(s):

#### Patch

The issue has been fixed in github commit c37b7c1:

https://github.com/shevek/libspf2/commit/c37b7c13c30e225183899364b9f2efdfa85552ef

#### Discoverer(s)/Credits

Philipp Jeitner and Haya Shulman, Fraunhofer SIT

philipp.jeitner () sit fraunhofer de
haya.shulman () sit fraunhofer de

#### Reference(s)

 - libspf2: https://www.libspf2.org/, https://github.com/shevek/libspf2

#### Details and information to reproduce the vulnerability

To reproduce, set the SPF record of a domain you control like listed below:

    example.com. 300    IN      TXT     "v=spf1 exp=exp.example.com"

    # spfquery --sender someone () example com -ip 1.2.3.4
    *** stack smashing detected ***: terminated
    Aborted (core dumped)

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started