Dave,

On Sun, 2020-07-05 at 11:59 +0100, Dave Howorth wrote:
> I just looked at the openSUSE bug report and went from there to various other links, including https://www.exploit-db.com/exploits/45760 but I still don't understand what the vulnerability actually is?
>
> It claims "Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)"
> (and note that Artha says it is a thesaurus rather than a spelling app)
> and the exploit itself is a python script that creates a small file containing 256 instances of the letter 'A'.
>
> But I don't understand what this has to do with Artha? Or what problem it causes (or even can cause?) What is one supposed to do with this script and Artha to cause a DOS? And what exactly gets DOSed - just Artha or my entire system or what? And how exactly would a python script get into my system and somehow run to interact with Artha to cause whatever problem is alleged?
>
> Exactly what is the alleged problem?
I am not an expert here, but that has never stopped me from hazarding a guess ;-)

The problem seems to be that artha has a buffer overflow in its code, which can be exploited by a specifically crafted script -- the python script in that example, for instance -- to DDOS your system. The python script can get into your system in any number of ways: website caches, downloading malicious attachments from emails, etc. The exploit has been in the open since 2018 -- not just alleged, but demonstrated and reproduced using that script -- so I would think it is, by now, rather straightforward for anyone to exploit.

Cheers,
--
Atri Bhattacharya
Sun 5 Jul 14:39:14 CEST 2020
Sent from openSUSE Tumbleweed on my laptop.