I've found that the code snippet in `int JtR_MDC2_Update(JtR_MDC2_CTX *c, const unsigned char *in, size_t len)` is quite similar to the vulnerable code snippet in CVE-2016-6303, which will cause an integer overflow and then result in a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
@the-Chain-Warden-thresh Is this part of a research project on finding embedded copies of code with previously known bugs? A paper upcoming?
This CVE description is:
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
We may look into updating to newer upstream code (or switch to calling into OpenSSL when available, why do we even have a copy of the code?), but I think this has no impact (let alone security impact) in JtR since the inputs are candidate passwords, which in JtR are of limited length (currently up to 125).
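An added illustration, not part of the thread and not code from JtR or OpenSSL: a small C model of the length-bound argument made in the comment above. The function names and the shape of the pre-fix check (`pending + len < BLOCK`) are assumptions chosen to model a block-buffering update routine; the 125-byte limit is the figure quoted in the comment.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BLOCK 8            /* MDC2 block size in bytes */
#define MAX_CANDIDATE 125  /* candidate length limit quoted in the thread */

typedef int (*fits_fn)(size_t pending, size_t len);

/* Assumed pre-fix shape: the sum wraps modulo SIZE_MAX + 1 for huge len. */
static int fits_wrapping(size_t pending, size_t len)
{
    return pending + len < BLOCK;
}

/* Overflow-safe shape: pending < BLOCK always holds, so nothing can wrap. */
static int fits_safe(size_t pending, size_t len)
{
    return len < BLOCK - pending;
}

/* 1 if the check says "just buffer it" although len exceeds the free space. */
static int would_overrun(fits_fn fits, size_t pending, size_t len)
{
    return fits(pending, len) && len > BLOCK - pending;
}

/* Count (pending, len) pairs with len <= max_len that the check gets wrong. */
static unsigned count_overruns(fits_fn fits, size_t max_len)
{
    unsigned bad = 0;
    for (size_t pending = 0; pending < BLOCK; pending++)
        for (size_t len = 0; len <= max_len; len++)
            bad += (unsigned)would_overrun(fits, pending, len);
    return bad;
}

int main(void)
{
    printf("wrapping check, len <= %d: %u overruns\n", MAX_CANDIDATE,
           count_overruns(fits_wrapping, MAX_CANDIDATE));
    printf("wrapping check, len = SIZE_MAX - 2, pending = 5: %d\n",
           would_overrun(fits_wrapping, 5, SIZE_MAX - 2));
    printf("safe check,     len = SIZE_MAX - 2, pending = 5: %d\n",
           would_overrun(fits_safe, 5, SIZE_MAX - 2));
    return 0;
}
```

The wrapping check only misjudges lengths within a few bytes of `SIZE_MAX`, so a caller that caps `len` at 125 never reaches it, while the rewritten comparison stays correct for every `len`.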