Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-17432

Опубликовано: 06 дек. 2017
Источник: nvd
CVSS3: 7.5
CVSS2: 7.8
EPSS Низкий

Описание

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*
Версия от 1.0 (включая) до 1.6.22 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01235
Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-617

Связанные уязвимости

ubuntu логотип

CVE-2017-17432

CVSS3: 7.5
ubuntu
около 8 лет назад

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.

debian логотип

CVE-2017-17432

CVSS3: 7.5
debian
около 8 лет назад

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, w ...

github логотип

GHSA-f7jc-5gw7-phrf

CVSS3: 7.5
github
больше 3 лет назад

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.

EPSS

Процентиль: 79%
0.01235
Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-617