PT-2017-14703 · Syncbreeze · Syncbreeze
Manuel García Cárdenas
·
Published
2017-12-19
·
Updated
2018-01-04
·
CVE-2017-17088
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SyncBreeze versions 10.2.12 and earlier
Description
The issue is related to a Remote Denial of Service. It occurs because the web server does not check bounds when reading server requests in the Host header, resulting in a Buffer Overflow that causes a Denial of Service.
Recommendations
For SyncBreeze versions 10.2.12 and earlier, update to a version later than 10.2.12 to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Syncbreeze