Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-1000872

Опубликовано: 20 дек. 2018
Источник: debian

Описание

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python-pykmipfixed0.7.0-3package
python-pykmipfixed0.5.0-4+deb9u1stretchpackage

Примечания

  • https://github.com/OpenKMIP/PyKMIP/commit/3a7b880bdf70d295ed8af3a5880bab65fa6b3932

  • https://github.com/OpenKMIP/PyKMIP/issues/430

Связанные уязвимости

ubuntu логотип

CVE-2018-1000872

CVSS3: 6.5
ubuntu
около 7 лет назад

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0.

redhat логотип

CVE-2018-1000872

CVSS3: 7.5
redhat
почти 8 лет назад

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0.

nvd логотип

CVE-2018-1000872

CVSS3: 6.5
nvd
около 7 лет назад

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0.

github логотип

GHSA-gfv6-cj92-g3hx

CVSS3: 6.5
github
около 7 лет назад

PyKMIP Denial of service vulnerability