Threat Encyclopedia

ZeroMQ.libzmq.curve_server.Stack-based.Buffer.Overflow

description-logoDescription

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in ZeroMQ libzmq.
A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to the vulnerable service. Successful exploitation could result in denial of service conditions, or execution of arbitrary code in the security context of the service using the vulnerable library.

affected-products-logoAffected Products

ZeroMQ libzmq prior to 4.3.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/zeromq/libzmq/releases/tag/v4.3.2

CVE References

CVE-2019-13132