Описание
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
lldptool can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
Отчет
Red Hat Product Security has rated this issue as having a security impact of Low, and a future update may address this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | lldpad | Will not fix | ||
| Red Hat Enterprise Linux 7 | lldpad | Fixed | RHBA-2019:2339 | 06.08.2019 |
| Red Hat Enterprise Linux 8 | lldpad | Fixed | RHSA-2019:3673 | 05.11.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
lldptool version 1.0.1 and older can print a raw, unsanitized attacker ...
EPSS
4.3 Medium
CVSS3