PT-2022-8013 · Smokeping · Smokeping
Michael Orlitzky
·
Published
2022-09-20
·
Updated
2025-05-29
·
CVE-2017-20147
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SmokePing versions through 2.7.3-r1
Description
The issue allows the smokeping user to cause a denial of service to arbitrary PIDs when the service is stopped by writing arbitrary PIDs to the PID file used by the initscript.
Recommendations
For SmokePing versions through 2.7.3-r1, consider restricting write access to the PID file used by the initscript to prevent the smokeping user from writing arbitrary PIDs to it.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Smokeping