Описание
[REJECTED CVE] A vulnerability has been identified in Openslp in ParseExtension() function in slp_message.c file. Attacker can force the function to enter the infinte loop causing denial of service via packet with crafted "nextoffset" value and "extid" value.
Отчет
This flaw was found to be a duplicate of CVE-2010-3609. Please see https://access.redhat.com/security/cve/CVE-2010-3609 for information about affected products and security errata.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | openslp | Not affected | ||
| Red Hat Enterprise Linux 7 | openslp | Not affected |
Показывать по
Дополнительная информация
3.3 Low
CVSS2
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3609. Reason: This candidate is a reservation duplicate of CVE-2010-3609. Notes: All CVE users should reference CVE-2010-3609 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3609. Reason: This candidate is a reservation duplicate of CVE-2010-3609. Notes: All CVE users should reference CVE-2010-3609 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
3.3 Low
CVSS2