CVE-2016-6271

Опубликовано: 18 янв. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	1.0.6-2
cosmic	not-affected	1.0.6-2
devel	not-affected	1.0.6-2
esm-apps/bionic	not-affected	1.0.6-2
esm-apps/xenial	released	1.0.2-1.2build0.16.04.1
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 91%

0.07377

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-6271

CVSS3: 7.5

nvd

около 9 лет назад

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

CVE-2016-6271

CVSS3: 7.5

debian

около 9 лет назад

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the- ...

openSUSE-SU-2017:0363-1

suse-cvrf

около 9 лет назад

Security update for bzrtp

GHSA-4qx9-9vv8-76v6

CVSS3: 7.5

github

больше 3 лет назад

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

EPSS

Процентиль: 91%

0.07377

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-6271

Описание

Пакет bzrtp

Ссылки на источники

Связанные уязвимости