← volver
CVE-2017-7401

CVE-2017-7401

EPSS 4.0%
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2017:1285https://access.redhat.com/errata/RHSA-2017:1787https://access.redhat.com/errata/RHSA-2018:2615https://github.com/collectd/collectd/issues/2174http://www.securityfocus.com/bid/97321