On Wed, Jan 17, 2018 at 10:50:44AM +0100, Guido Günther wrote:
> the following vulnerability was published for openocd.
>
> CVE-2018-5704[0]:
> | Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use
> | HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote
> | attackers to conduct cross-protocol scripting attacks, and consequently
> | execute arbitrary commands, via a crafted web site.
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2018-5704
>     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5704
>
> Please adjust the affected versions in the BTS as needed.

I see Salvatore has marked this as affecting 0.10.0-3, I'm not sure
there's any reason to believe 0.9.0-1 isn't affected as well but I will
need to check later today.

Upstream still seem to be discussing the best fix but I think at least:

http://openocd.zylin.com/#/c/4335/

and

http://openocd.zylin.com/#/c/4331/

seem appropriate pending anything more complete.

J.

-- 
Revd Jonathan McDowell, ULC | I've got a trigger inside.
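
The CVE text quoted above describes a browser-originated HTTP POST reaching a line-based command port on 127.0.0.1:4444. One way a text command service can refuse such input, shown as an added example that is not OpenOCD code and not taken from the linked upstream changes; the function names, command names and sample bytes are constructed for illustration:

```python
import re

# HTTP methods a browser can emit; a telnet-style command port never
# legitimately receives a line shaped like "<METHOD> <uri> HTTP/x.y".
_REQUEST_LINE = re.compile(
    rb"^(GET|POST|PUT|HEAD|OPTIONS|DELETE|PATCH)\s+\S+\s+HTTP/\d\.\d\s*$"
)
# Header names that browsers attach to requests.
_BROWSER_HEADER = re.compile(
    rb"^(Host|Origin|Referer|User-Agent|Content-Type|Content-Length):",
    re.IGNORECASE,
)


def looks_like_http(line: bytes) -> bool:
    """True if one received line is an HTTP request line or browser header."""
    line = line.strip()
    return bool(_REQUEST_LINE.match(line) or _BROWSER_HEADER.match(line))


def filter_session(raw: bytes):
    """Split a received byte stream into command lines.

    Returns (accepted_commands, dropped). As soon as any line looks like
    HTTP the session is dropped and nothing after it is accepted, so text
    carried in the POST body is never treated as a command.
    """
    accepted = []
    for line in raw.replace(b"\r\n", b"\n").split(b"\n"):
        if not line.strip():
            continue
        if looks_like_http(line):
            return accepted, True
        accepted.append(line.strip().decode("ascii", "replace"))
    return accepted, False


# Constructed sample inputs (not captured traffic, hypothetical commands).
BROWSER_POST = (
    b"POST / HTTP/1.1\r\nHost: 127.0.0.1:4444\r\n"
    b"Content-Type: text/plain\r\n\r\nexample_command arg\r\n"
)
TELNET_SESSION = b"example_command arg\r\nother_command\r\n"

if __name__ == "__main__":
    print(filter_session(BROWSER_POST))
    print(filter_session(TELNET_SESSION))
```

Binding the service to loopback does not help on its own here, because the browser making the request runs on the same host; the check has to be on what the port accepts.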