Описание
The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2007.3_143793 (включая)
Одно из
cpe:2.3:a:perforce:perforce_server:*:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2000.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2000.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2001.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2001.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2002.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2002.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2003.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2003.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2004.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2005.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2005.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2006.1:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2006.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2007.2:*:*:*:*:*:*:*
cpe:2.3:a:perforce:perforce_server:2007.3:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.0651
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference.
EPSS
Процентиль: 91%
0.0651
Низкий
5 Medium
CVSS2
Дефекты
CWE-20