In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis.
[
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "90098555392621792655444497843304198377",
                "248088919110891696402383954492473434854",
                "103205715107850172623242300030265280107",
                "106931574814506455094342183445124275976",
                "256223543501167444157102483769890330241",
                "36730755761917650802390084511422679341",
                "186998852720266838799523855363183783887",
                "185335030166029547406247007661411730390",
                "226757989763120151439488222310783251886",
                "306971311188099745823684004607826649980",
                "311468897869830441894343710491978672644",
                "250885279769554835181950345265473491468",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "196751063030876352374082677123802447793",
                "80454884451883005323606728084617810275",
                "74250334664598201673095961881215789230",
                "230351351768418757198115691252772704413",
                "199771834766053173464310199541677224437",
                "62589407157362015951869353400318022483",
                "20941458010234872475888698619707263428",
                "57272967599891703381530692916475999999",
                "121441051357440296551195743271757813125",
                "21469495011726260511774075317546701077",
                "177197553529436440170169005138441807140",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "196751063030876352374082677123802447793",
                "80454884451883005323606728084617810275",
                "74250334664598201673095961881215789230",
                "230351351768418757198115691252772704413",
                "199771834766053173464310199541677224437",
                "62589407157362015951869353400318022483",
                "20941458010234872475888698619707263428",
                "226757989763120151439488222310783251886",
                "306971311188099745823684004607826649980",
                "311468897869830441894343710491978672644",
                "250885279769554835181950345265473491468",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "196751063030876352374082677123802447793",
                "80454884451883005323606728084617810275",
                "74250334664598201673095961881215789230",
                "230351351768418757198115691252772704413",
                "199771834766053173464310199541677224437",
                "62589407157362015951869353400318022483",
                "20941458010234872475888698619707263428",
                "57272967599891703381530692916475999999",
                "121441051357440296551195743271757813125",
                "21469495011726260511774075317546701077",
                "177197553529436440170169005138441807140",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "196751063030876352374082677123802447793",
                "80454884451883005323606728084617810275",
                "74250334664598201673095961881215789230",
                "230351351768418757198115691252772704413",
                "199771834766053173464310199541677224437",
                "62589407157362015951869353400318022483",
                "20941458010234872475888698619707263428",
                "226757989763120151439488222310783251886",
                "306971311188099745823684004607826649980",
                "311468897869830441894343710491978672644",
                "250885279769554835181950345265473491468",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "39528483705297221797883597212464487118",
                "279887832145773530318018006419191556265",
                "27337239312858035367681845572483571849",
                "199771834766053173464310199541677224437",
                "62589407157362015951869353400318022483",
                "20941458010234872475888698619707263428",
                "57272967599891703381530692916475999999",
                "121441051357440296551195743271757813125",
                "21469495011726260511774075317546701077",
                "177197553529436440170169005138441807140",
                "303145487143888301726310878257127237580",
                "49179849989099264623126266977899134858",
                "39528483705297221797883597212464487118",
                "279887832145773530318018006419191556265",
                "27337239312858035367681845572483571849",
                "129613934731430132222472386221150942694",
                "85718418905613519250742540026416103130",
                "280420456888903253897954805707563812709"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2020-11939-76b3bb79",
        "target": {
            "file": "src/lib/protocols/ssh.c"
        },
        "source": "https://github.com/ntop/ndpi/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 3519.0,
            "function_hash": "321790383128337468983970469050623318505"
        },
        "signature_type": "Function",
        "id": "CVE-2020-11939-d3e84ed3",
        "target": {
            "file": "src/lib/protocols/ssh.c",
            "function": "concat_hash_string"
        },
        "source": "https://github.com/ntop/ndpi/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202",
        "deprecated": false
    }
]