Описание
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-14459
- https://github.com/phaag/nfdump/issues/171
- https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
- https://lists.debian.org/debian-lts-announce/2020/09/msg00021.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULSZMKA7P7REJMANVL7D6WMZ2L7IRSET
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTONOGJU5FSMFNRCT6OHXYUMDRKH4RPA
- https://security.gentoo.org/glsa/202003-17
Связанные уязвимости
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
nfdump 1.6.17 and earlier is affected by an integer overflow in the fu ...