rpm package
suse/collectd&distro=SUSE WebYast 1.3
pkg:rpm/suse/collectd&distro=SUSE%20WebYast%201.3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-7401 | Hig | 7.5 | < 4.9.4-0.31.1 | 4.9.4-0.31.1 | Apr 3, 2017 | Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile | |
| CVE-2016-6254 | Cri | 9.1 | < 4.9.4-0.25.1 | 4.9.4-0.25.1 | Aug 19, 2016 | Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. |
- affected < 4.9.4-0.31.1fixed 4.9.4-0.31.1
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile
- affected < 4.9.4-0.25.1fixed 4.9.4-0.25.1
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.