Back to search
CVE-2017-7401
Published: Apr 3, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
97321
vdb-entry
x_refsource_BID
RHSA-2017:1285
vendor-advisory
x_refsource_REDHAT
https://github.com/collectd/collectd/issues/2174
x_refsource_CONFIRM
RHSA-2018:2615
vendor-advisory
x_refsource_REDHAT
RHSA-2017:1787
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now