CVE-2017-9732

Sažetak

The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting another services running on the targeted host.

Reference

http://packetstormsecurity.com/files/150534/knc-Kerberized-NetCat-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2018/Nov/65
https://github.com/elric1/knc/commit/f237f3e09ecbaf59c897f5046538a7b1a3fa40c1
https://github.com/irsl/knc-memory-exhaustion/

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

11-01-2019 - 16:24

Objavljeno

20-12-2018 - 23:29