SB2017012316 - Multiple vulnerabilities in OpenSLP
Published: January 23, 2017 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2016-4912)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a large number of crafted packets, which triggers a memory allocation failure.
2) Buffer overflow (CVE-ID: CVE-2016-7567)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://www.openwall.com/lists/oss-security/2016/05/18/6
- http://www.securitytracker.com/id/1035916
- https://bugzilla.redhat.com/show_bug.cgi?id=1329295
- https://security.gentoo.org/glsa/201707-05
- http://www.openwall.com/lists/oss-security/2016/09/27/4
- http://www.openwall.com/lists/oss-security/2016/09/28/1
- http://www.securityfocus.com/bid/93186
- https://sourceforge.net/p/openslp/mercurial/ci/34fb3aa5e6b4997fa21cb614e480de36da5dbc9a/
- https://www.exploit-db.com/exploits/45804/