VYPR

rpm package

suse/collectd&distro=SUSE Lifecycle Management Server 1.3

pkg:rpm/suse/collectd&distro=SUSE%20Lifecycle%20Management%20Server%201.3

Vulnerabilities (2)

  • CVE-2017-7401HigApr 3, 2017
    affected < 4.9.4-0.31.1fixed 4.9.4-0.31.1

    Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile

  • CVE-2016-6254CriAug 19, 2016
    affected < 4.9.4-0.25.1fixed 4.9.4-0.25.1

    Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.