rpm package
suse/openslp&distro=SUSE Linux Enterprise Desktop 12 SP2
pkg:rpm/suse/openslp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4912 | Hig | 7.5 | < 2.0.0-18.2.1 | 2.0.0-18.2.1 | Mar 27, 2017 | The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure. | |
| CVE-2016-7567 | Cri | 9.8 | < 2.0.0-18.2.1 | 2.0.0-18.2.1 | Jan 23, 2017 | Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string. |
- affected < 2.0.0-18.2.1fixed 2.0.0-18.2.1
The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.
- affected < 2.0.0-18.2.1fixed 2.0.0-18.2.1
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.