PT-2018-5402 · Ccn-Lite · Ccn-Lite
Blacksheeep
·
Publicado
2018-02-07
·
Atualizado
2019-10-03
·
CVE-2017-12463
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
CCN-lite versions prior to 2.00
Description:
The issue is related to a memory leak in the
ccnl app RX function, which can be exploited by context-dependent attackers to cause a denial of service due to memory consumption. This occurs when an envelope s structure pointer is involved and the packet format is unknown.Recommendations:
For versions prior to 2.00, update to version 2.00 or later to resolve the issue.
Correção
Missing Release of Resource after Effective Lifetime
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ccn-Lite