CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-17161

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile9.92th
Published2019年1月3日
Last Modified2024年11月21日

Vulnerability Description

In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.

Affected Platforms (CPE)

💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 11.2
💻
Freebsd

Freebsd

= 12.0

References & Advisories

🔗 http://www.securityfocus.com/bid/106292
🔗 https://security.freebsd.org/advisories/FreeBSD-SA-18:15.bootpd.asc
🔗 http://www.securityfocus.com/bid/106292
🔗 https://security.freebsd.org/advisories/FreeBSD-SA-18:15.bootpd.asc

相關漏洞威脅

CVE-1999-032310.0

FreeBSD mmap function allows users to modify append-only or immutable files.

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2018-1716010.0

In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by b...

CVE-2001-096910.0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw t...