CVE-2019-14459

Опубликовано: 31 июл. 2019

Источник: debian

Описание

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
nfdump	fixed	1.6.18-1		package
nfdump	no-dsa		buster	package

Примечания

https://github.com/phaag/nfdump/issues/171
https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b

Связанные уязвимости

CVE-2019-14459

CVSS3: 7.5

ubuntu

больше 6 лет назад

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).

CVE-2019-14459

CVSS3: 7.5

nvd

больше 6 лет назад

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).

GHSA-x7mr-9cvr-mx38

CVSS3: 7.5

github

больше 3 лет назад

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).