Описание
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
Ссылки
- ProductThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- ProductThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.40 (включая)
cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00094
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 9.1
ubuntu
около 4 лет назад
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
CVSS3: 9.1
debian
около 4 лет назад
An issue was discovered in the DNS proxy in Connman through 1.40. forw ...
CVSS3: 9.1
github
почти 4 года назад
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
CVSS3: 9.1
fstec
около 4 лет назад
Уязвимость пакета dnsproxy диспетчера соединений Connman, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
EPSS
Процентиль: 27%
0.00094
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125