Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8011

Опубликовано: 28 янв. 2020
Источник: debian

Описание

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
lldpdfixed0.7.19-1package
lldpdfixed0.7.11-2+deb8u1jessiepackage
lldpdnot-affectedwheezypackage
lldpdnot-affectedsqueezepackage
openvswitchfixed2.15.0~git20210104.def6eb1ea+dfsg1-1package

Примечания

  • https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2

  • https://www.openwall.com/lists/oss-security/2015/10/16/2

  • https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html

  • https://mail.openvswitch.org/pipermail/ovs-dev/2020-November/377394.html

  • https://github.com/openvswitch/ovs/commit/bb5a9937fa8e04e71052fb50e23894448d19678f

Связанные уязвимости

ubuntu логотип

CVE-2015-8011

CVSS3: 9.8
ubuntu
около 6 лет назад

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

redhat логотип

CVE-2015-8011

CVSS3: 9.8
redhat
больше 10 лет назад

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

nvd логотип

CVE-2015-8011

CVSS3: 9.8
nvd
около 6 лет назад

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

github логотип

GHSA-9f79-mcm7-48p3

github
больше 3 лет назад

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

fstec логотип

BDU:2021-01890

CVSS3: 9.8
fstec
больше 10 лет назад

Уязвимость функции lldp_decode компонента daemon/protocols/lldp.c реализации протокола LLDP под Unix Lldpd, связанная с переполнением буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании