Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveTalosCVE-2017-12130
HistoryJan 20, 2018 - 12:29 a.m.

CVE-2017-12130

2018-01-2000:29:00
CWE-476
talos
web.nvd.nist.gov
69
exploit
vulnerability
null pointer
tinysvcmdns
denial of service
nvd
cve-2017-12130

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.011

Percentile

84.2%

JSON

An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to a server crash and denial of service. An attacker needs to send a DNS query to trigger this vulnerability.

Affected configurations

Nvd
Vulners
Node
tinysvcmdns_projecttinysvcmdnsMatch2017-11-05
VendorProductVersionCPE
tinysvcmdns_projecttinysvcmdns2017-11-05cpe:2.3:a:tinysvcmdns_project:tinysvcmdns:2017-11-05:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Tinysvcmdns",
    "vendor": "Talos",
    "versions": [
      {
        "status": "affected",
        "version": "tinysvcmdns 2017-11-05"
      }
    ]
  }
]

Related

talosblog 1
ubuntucve 1
cvelist 1
nvd 1
prion 1
talos 1
kitploit 1
talosblog
talosblog
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerability
2018-01-17 09:46:00
ubuntucve
ubuntucve
CVE-2017-12130
2018-01-20 00:00:00
cvelist
cvelist
CVE-2017-12130
2018-01-20 00:00:00
nvd
nvd
CVE-2017-12130
2018-01-20 00:29:00
prion
prion
Null pointer dereference
2018-01-20 00:29:00
talos
talos
Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability
2018-01-17 00:00:00
kitploit
kitploit
Cotopaxi - Set Of Tools For Security Testing Of Internet Of Things Devices Using Specific Network IoT Protocols
2019-10-17 11:53:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.011

Percentile

84.2%

JSON
Related for CVE-2017-12130
talosblog1ubuntucve1cvelist1nvd1prion1talos1kitploit1