ID CVE-2016-4912
Summary The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.
References
Vulnerable Configurations
  • openSLP 2.0.0
    cpe:2.3:a:openslp:openslp:2.0.0
CVSS
Base: 5.0 (as of 30-03-2017 - 17:12)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-B86AE2068D.NASL
    description Security fix for CVE-2016-4912 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 92148
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92148
    title Fedora 24 : openslp (2016-b86ae2068d)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-33AD3F97D4.NASL
    description Security fix for CVE-2016-4912 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 92077
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92077
    title Fedora 22 : openslp (2016-33ad3f97d4)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-D9DBD6D339.NASL
    description Security fix for CVE-2016-4912 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 92181
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92181
    title Fedora 23 : openslp (2016-d9dbd6d339)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201707-05.NASL
    description The remote host is affected by the vulnerability described in GLSA-201707-05 (OpenSLP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSLP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-07-10
    plugin id 101336
    published 2017-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101336
    title GLSA-201707-05 : OpenSLP: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1262.NASL
    description This update for openslp fixes two security issues and two bugs. The following vulnerabilities were fixed : - CVE-2016-4912: A remote attacker could have crashed the server with a large number of packages (bsc#980722) - CVE-2016-7567: A remote attacker could cause a memory corruption having unspecified impact (bsc#1001600) The following bugfix changes are included : - bsc#994989: Removed convenience code as changes bytes in the message buffer breaking the verification code - bsc#974655: Removed no longer needed slpd init file This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2017-01-30
    plugin id 94531
    published 2016-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94531
    title openSUSE Security Update : openslp (openSUSE-2016-1262)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0100-1.NASL
    description This update for openslp fixes two security issues and two bugs. The following vulnerabilities were fixed : - CVE-2016-4912: A remote attacker could have crashed the server with a large number of packages (bsc#980722) - CVE-2016-7567: A remote attacker could cause a memory corruption having unspecified impact (bsc#1001600) The following bugfix changes are included : - bsc#994989: Removed convenience code as changes bytes in the message buffer breaking the verification code - bsc#974655: Removed no longer needed slpd init file Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 106073
    published 2018-01-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106073
    title SUSE SLED12 / SLES12 Security Update : openslp (SUSE-SU-2018:0100-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2661-1.NASL
    description This update for openslp fixes two security issues and two bugs. The following vulnerabilities were fixed : - CVE-2016-4912: A remote attacker could have crashed the server with a large number of packages (bsc#980722) - CVE-2016-7567: A remote attacker could cause a memory corruption having unspecified impact (bsc#1001600) The following bugfix changes are included : - bsc#994989: Removed convenience code as changes bytes in the message buffer breaking the verification code - bsc#974655: Removed no longer needed slpd init file Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94349
    published 2016-10-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94349
    title SUSE SLED12 / SLES12 Security Update : openslp (SUSE-SU-2016:2661-1)
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1329295
gentoo GLSA-201707-05
mlist [oss-security] 20160518 Re: CVE Request: null pointer deref in openslp, can be triggered remotely
sectrack 1035916
Last major update 31-03-2017 - 06:41
Published 27-03-2017 - 13:59
Last modified 10-07-2017 - 21:33
Back to Top