CVE-2018-15469 - Heap buffer overflow in otfcccommit

This issue was found by Aviatrix and reported to PwC. Due to the severity of the issue, the researcher was awarded a bounty of $250. A second issue was discovered in otfcccommit that could allow an attacker to bypass the code signing enforcement on a vulnerable system. This issue was discovered by a researcher at Tensta University and reported to PwC. Due to the severity of the issue, the researcher was awarded a bounty of $250.
Affected products, vendors and versions

OTFCCUMMIT is part of the OTFCC tool suite. To assess the impact of this vulnerability on your environment, determine the version numbers of all affected products.

Vendor          Confirmed affected versions
otfcccommit     5.0.0 - 5.0.1
otfcccommit     5.0.2
otfcccommit     5.0.3 - 7.1.0
o

OTFCCUMMIT VENDOR ADVISORY: TENSTA UNIVERSITY DISCOVERED A SECOND HEAP BUG IN OTFCCUMMIT


Mitigation strategies

Upgrade to the latest version of OTFCCUMMIT. For example, upgrade from 5.0 to 5.0.2, or upgrade from 7.1 to 7.1.1.

- Upgrade to OTFCCUMMIT v5.0 or higher
- Upgrade your system software to at least one of the following versions:
  1) Windows 10 1809
  2) Windows 10 1709
  3) Windows 10 1607
  4) Windows Server 2016
  5) Ubuntu 14.04 LTS (Trusty Tahr)
  6) Ubuntu 16.04 LTS (Xenial Xerus)
  7) Debian 9 Stretch

Vulnerability summary

An issue was found in the OTFCCUMMIT tool suite that could allow an attacker to bypass the code signing enforcement on a vulnerable system. The vulnerability could be exploited by loading a maliciously crafted otfcccommit library and executing a specially crafted otfcccommit command.

The heap buffer overflow in otfcccommit is caused by a lack of validation of remote data passed through the "o" flag. This issue allows attackers to execute arbitrary code on vulnerable systems.

For more information about this issue, please refer to the researcher's blog post at https://medium.com/@yalen_c/otfcccommit-remote-stack-buffer-overflow-cve-2018-15469-148d4f4e2fe8

Timeline

Published on: 10/14/2022 12:15:00 UTC
Last modified on: 10/15/2022 02:14:00 UTC

References