CVE-2023-32560: Ivanti - Unauthenticated Stack-based Buffer Overflows (Not applicable for WAF signature)
NetScaler CTRI Team
Last Updated: 08/16/2023
Description:
A vulnerability has been discovered in Ivanti Avalanche.
The vulnerability exists in WLAvalancheService.exe version 6.4.0.0 and older, which receives communications over TCP port 1777. It can be exploited by an attacker sending specially crafted data packets containing hex strings (type 3) or a list of decimal strings separated by “;” (type 9). This can cause a buffer overflow due to a fixed-size stack-based buffer used to store the converted data.
Avalanche version 6.4.1 has fixed multiple security vulnerabilities, including CVE-2023-32560, CVE-2023-32561, CVE-2023-32562, CVE-2023-32563, CVE-2023-32564, CVE-2023-32565, and CVE-2023-32566. These vulnerabilities concern various authentication bypasses and remote code execution flaws.
Please follow the guidelines as recommended by the vendor in their Security Article
NetScaler CTRI :
NetScaler CTRI team is actively investigating this issue and will provide an update on the mitigation steps, WAF Signature soon.
Update: CTRI team has verified that the CVE-2023-32560 is not applicable for a WAF signature as it solely exploit TCP/UDP path. (https://help.ivanti.com/wl/help/en_us/ava/6.4/Avalanche/Appendices/ports.ht)
References:
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now