Описание
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- Technical Description
- Product
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Technical Description
- Product
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
Дефекты
Связанные уязвимости
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
Уязвимость реализации протокола определения местоположения SLP, связанная с недостаточным контролем объема передаваемых сетевых сообщений, позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании путём регистрации произвольных служб для создания поддельного UDP-трафика
EPSS
7.5 High
CVSS3