Vulnerabilities > CVE-2015-8027 - Code vulnerability in Nodejs Node.Js
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201612-43.NASL description The remote host is affected by the vulnerability described in GLSA-201612-43 (Node.js: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition, or conduct man-in-the-middle attacks. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 95817 published 2016-12-14 reporter This script is Copyright (C) 2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/95817 title GLSA-201612-43 : Node.js: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201612-43. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(95817); script_version("$Revision: 2.1 $"); script_cvs_date("$Date: 2016/12/14 20:45:48 $"); script_cve_id("CVE-2015-8027", "CVE-2016-2086", "CVE-2016-2216", "CVE-2016-5325"); script_xref(name:"GLSA", value:"201612-43"); script_name(english:"GLSA-201612-43 : Node.js: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201612-43 (Node.js: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition, or conduct man-in-the-middle attacks. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201612-43" ); script_set_attribute( attribute:"solution", value: "All Node.js 0.12.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/nodejs-0.12.17' All Node.js 4.6.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/nodejs-4.6.1'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nodejs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2016/12/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-libs/nodejs", unaffected:make_list("rge 0.12.17", "ge 4.6.1"), vulnerable:make_list("lt 4.6.1"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Node.js"); }NASL family MacOS X Local Security Checks NASL id MACOSX_XCODE_81.NASL description The version of Apple Xcode installed on the remote macOS or Mac OS X host is prior to 8.1. It is, therefore, affected by multiple remote code execution vulnerabilities in the Node.js component of the Xcode Server. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code. last seen 2020-05-06 modified 2016-11-17 plugin id 94935 published 2016-11-17 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94935 title Apple Xcode < 8.1 Node.js Multiple RCE (macOS) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(94935); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/05"); script_cve_id( "CVE-2015-3193", "CVE-2015-3194", "CVE-2015-6764", "CVE-2015-8027", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-0797", "CVE-2016-1669", "CVE-2016-2086", "CVE-2016-2216" ); script_bugtraq_id( 78207, 78209, 78623, 83141, 83282, 83754, 83763, 90584 ); script_xref(name:"APPLE-SA", value:"APPLE-SA-2016-10-27-1"); script_name(english:"Apple Xcode < 8.1 Node.js Multiple RCE (macOS)"); script_set_attribute(attribute:"synopsis", value: "An IDE application installed on the remote macOS or Mac OS X host is affected by multiple remote code execution vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Apple Xcode installed on the remote macOS or Mac OS X host is prior to 8.1. It is, therefore, affected by multiple remote code execution vulnerabilities in the Node.js component of the Xcode Server. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code."); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT207268"); # http://lists.apple.com/archives/security-announce/2016/Oct/msg00005.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a0f77052"); script_set_attribute(attribute:"solution", value: "Upgrade to Apple Xcode version 8.1 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-0705"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/27"); script_set_attribute(attribute:"patch_publication_date", value:"2016/10/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/17"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:xcode"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("macosx_xcode_installed.nasl"); script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "installed_sw/Apple Xcode"); exit(0); } include('vcf.inc'); get_kb_item_or_exit('Host/local_checks_enabled'); os = get_kb_item('Host/MacOSX/Version'); if (empty_or_null(os)) audit(AUDIT_OS_NOT, 'macOS or Mac OS X'); app_info = vcf::get_app_info(app:'Apple Xcode'); vcf::check_granularity(app_info:app_info, sig_segments:2); constraints = [ { 'fixed_version' : '8.1' } ]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-46.NASL description This update contains nodejs 4.2.4 and fixes the following issues : - CVE-2015-6764: unspecified out-of-bounds access vulnerability (boo#956902) - CVE-2015-8027: unspecified denial of service vulnerability (boo#956901) The following non-security bugs were fixed : - boo#948045: Nodejs 4.0 rpm does not install addon-rpm.gypi - boo#961254: common.gypi should install at /usr/share/node and npm requires nodejs-devel Also contains all upstream bug fixes and improvements in the 4.2.2, 4.2.3 and 4.2.4 releases. last seen 2020-06-05 modified 2016-01-25 plugin id 88130 published 2016-01-25 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88130 title openSUSE Security Update : nodejs (openSUSE-2016-46) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2016-46. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(88130); script_version("2.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-6764", "CVE-2015-8027"); script_name(english:"openSUSE Security Update : nodejs (openSUSE-2016-46)"); script_summary(english:"Check for the openSUSE-2016-46 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update contains nodejs 4.2.4 and fixes the following issues : - CVE-2015-6764: unspecified out-of-bounds access vulnerability (boo#956902) - CVE-2015-8027: unspecified denial of service vulnerability (boo#956901) The following non-security bugs were fixed : - boo#948045: Nodejs 4.0 rpm does not install addon-rpm.gypi - boo#961254: common.gypi should install at /usr/share/node and npm requires nodejs-devel Also contains all upstream bug fixes and improvements in the 4.2.2, 4.2.3 and 4.2.4 releases." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=948045" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=956901" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=956902" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=961254" ); script_set_attribute( attribute:"solution", value:"Update the affected nodejs packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nodejs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nodejs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nodejs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nodejs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:npm"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1"); script_set_attribute(attribute:"patch_publication_date", value:"2016/01/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1|SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2 / 42.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"nodejs-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nodejs-debuginfo-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nodejs-debugsource-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nodejs-devel-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"nodejs-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"nodejs-debuginfo-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"nodejs-debugsource-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"nodejs-devel-4.2.4-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"nodejs-4.2.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"nodejs-debuginfo-4.2.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"nodejs-debugsource-4.2.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"nodejs-devel-4.2.4-15.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"npm-4.2.4-15.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nodejs / nodejs-debuginfo / nodejs-debugsource / nodejs-devel / npm"); }
References
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html
- http://www.securityfocus.com/bid/78207
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV79524
- http://www-01.ibm.com/support/docview.wss?uid=swg21972419
- https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
- https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/
- https://security.gentoo.org/glsa/201612-43