PT-2017-14703 · Syncbreeze · Syncbreeze
Manuel García Cárdenas
·
Publicado
2017-12-19
·
Atualizado
2018-01-04
·
CVE-2017-17088
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SyncBreeze versions 10.2.12 and earlier
Description
The issue is related to a Remote Denial of Service. It occurs because the web server does not check bounds when reading server requests in the Host header, resulting in a Buffer Overflow that causes a Denial of Service.
Recommendations
For SyncBreeze versions 10.2.12 and earlier, update to a version later than 10.2.12 to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Syncbreeze