- Affected Functions
Improper input validation of octal strings in rust-lang standard library
net allows unauthenticated remote attackers to perform
indeterminate SSRF, RFI, and LFI attacks on many programs that rely on rust-lang std::net.
IP address octets have their leading zeros stripped instead of being evaluated as valid (octal) IP addresses.
For example, an attacker submitting an IP address to a web application that relies on
could cause SSRF via inputting octal input data;
An attacker can submit exploitable IP addresses if the octet is 3 digits,
with the minimum exploitable octet being 08 (Denial of Service) and the maximum exploitable octet being 099 (Denial of Service).
For example, an attacker can submit
010.8.8.8, which is
220.127.116.11 (RFI), yet
std::net::IpAddr will evaluate this as
Equally, an attacker can input
127.0.026.1, which is really
127.0.22.1, but Rust evaluates it as
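The ambiguity described above comes down to how a single octet with a leading zero is read. The following is an added example, not code from the advisory or from the Rust project: it implements three small octet readers of our own (names are ours, not std::net APIs). `lenient_decimal_octet` reads "026" as decimal 26, the zero-stripping behaviour the advisory attributes to std::net; `inet_aton_octet` applies inet_aton(3) semantics, where a leading 0 means octal, so "026" is 22 and "08"/"099" are rejected outright; and `strict_parse_ipv4` is a defensive pre-check that refuses any octet with a leading zero, so an address is never silently reinterpreted one way by the validator and another way by the socket layer. What `"010.8.8.8".parse::<Ipv4Addr>()` returns depends on the toolchain version, so the example only prints that result rather than asserting on it.

```rust
use std::net::Ipv4Addr;

/// Zero-stripping reading of one octet: "026" -> 26, "010" -> 10.
/// This is the decimal-with-leading-zeros interpretation the advisory describes.
fn lenient_decimal_octet(octet: &str) -> Option<u8> {
    if octet.is_empty() || !octet.bytes().all(|b| b.is_ascii_digit()) {
        return None;
    }
    // u8::from_str accepts leading zeros and treats the digits as decimal.
    octet.parse::<u8>().ok()
}

/// inet_aton(3)-style reading of one octet: "0x.." is hex, a leading "0" is
/// octal, anything else is decimal. "026" -> 22, "010" -> 8, "08" -> invalid.
fn inet_aton_octet(octet: &str) -> Option<u8> {
    let (digits, radix) = if let Some(hex) = octet
        .strip_prefix("0x")
        .or_else(|| octet.strip_prefix("0X"))
    {
        (hex, 16)
    } else if octet.len() > 1 && octet.starts_with('0') {
        (&octet[1..], 8)
    } else {
        (octet, 10)
    };
    if digits.is_empty() || !digits.chars().all(|c| c.is_digit(radix)) {
        return None; // e.g. "08": '8' is not an octal digit
    }
    let value = u32::from_str_radix(digits, radix).ok()?;
    if value > 255 {
        return None;
    }
    Some(value as u8)
}

/// Parses a dotted quad with the supplied octet reader, so the two
/// interpretations of the same string can be compared side by side.
fn parse_with(addr: &str, octet_fn: fn(&str) -> Option<u8>) -> Option<Ipv4Addr> {
    let parts: Vec<&str> = addr.split('.').collect();
    if parts.len() != 4 {
        return None;
    }
    let mut octets = [0u8; 4];
    for (slot, part) in octets.iter_mut().zip(parts) {
        *slot = octet_fn(part)?;
    }
    Some(Ipv4Addr::from(octets))
}

/// Defensive validator: exactly four decimal octets, each 0..=255, and no
/// leading zeros except the single octet "0". Ambiguous input is rejected
/// instead of being guessed at, so every downstream parser sees the same value.
fn strict_parse_ipv4(addr: &str) -> Result<Ipv4Addr, String> {
    let parts: Vec<&str> = addr.split('.').collect();
    if parts.len() != 4 {
        return Err(format!("{}: expected 4 octets, got {}", addr, parts.len()));
    }
    let mut octets = [0u8; 4];
    for (i, part) in parts.iter().enumerate() {
        if part.is_empty() || !part.bytes().all(|b| b.is_ascii_digit()) {
            return Err(format!("{}: octet {} is not decimal", addr, i));
        }
        if part.len() > 1 && part.starts_with('0') {
            return Err(format!("{}: octet {} ({}) has a leading zero", addr, i, part));
        }
        octets[i] = part
            .parse::<u8>()
            .map_err(|_| format!("{}: octet {} ({}) out of range", addr, i, part))?;
    }
    Ok(Ipv4Addr::from(octets))
}

fn main() {
    // Constructed sample inputs taken from the advisory text above.
    for addr in ["010.8.8.8", "127.0.026.1", "127.0.08.1", "10.8.8.8"] {
        println!(
            "{:<12} zero-stripping={:?} inet_aton={:?} strict={:?} std::net(this toolchain)={:?}",
            addr,
            parse_with(addr, lenient_decimal_octet),
            parse_with(addr, inet_aton_octet),
            strict_parse_ipv4(addr),
            addr.parse::<Ipv4Addr>()
        );
    }
}
```

Run it and the first two rows show the same string resolving to two different hosts under the two readings, while the strict validator rejects both; only the unambiguous `10.8.8.8` passes. Placing `strict_parse_ipv4` in front of any allow-list or SSRF check removes the disagreement regardless of which parser the underlying library uses.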