Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-12132
HistoryAug 01, 2017 - 4:29 p.m.

CVE-2017-12132

2017-08-0116:29:00
CWE-770
[email protected]
web.nvd.nist.gov
145
cve-2017-12132
dns
stub resolver
glibc
libc6
off-path spoofing
ip fragmentation
nvd

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

55.4%

JSON

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.

CPENameOperatorVersion
gnu:glibcgnu glibcle2.25

Related

prion 1
nessus 16
ubuntucve 1
veracode 1
ibm 12
fedora 1
f5 1
debiancve 1
redhatcve 1
osv 2
openvas 12
photon 1
ubuntu 1
suse 3
mageia 2
redhat 1
amazon 1
centos 1
oraclelinux 1
rosalinux 1
prion
prion
Design/Logic Flaw
2017-08-01 16:29:00
nessus
nessus
Fedora 26 : glibc (2017-92f8958310)
2017-08-21 00:00:00
EulerOS 2.0 SP2 : glibc (EulerOS-SA-2019-1844)
2019-09-17 00:00:00
Ubuntu 16.04 ESM : GNU C Library vulnerabilities (USN-5768-1)
2022-12-08 00:00:00
ubuntucve
ubuntucve
CVE-2017-12132
2017-08-01 00:00:00
veracode
veracode
DNS Spoofing
2019-05-16 02:50:40
ibm
ibm
Security Bulletin: Open Source GNU glibc Vulnerabilities Security Bulletin: Open Source GNU glibc Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-12132)
2018-06-15 07:09:10
Security Bulletin: Vulnerabilities in Glibc affect Power Hardware Management Console ( CVE-2017-15670, CVE-2017-12132, CVE-2015-5180, CVE-2014-9402)
2021-09-22 23:05:38
Security Bulletin: IBM MQ Appliance is affected by glibc vulnerabilities
2019-01-04 11:45:01
fedora
fedora
[SECURITY] Fedora 26 Update: glibc-2.25-8.fc26
2017-08-20 18:36:31
f5
f5
K87355575 : glibc vulnerability CVE-2017-12132
2018-05-29 00:00:00
debiancve
debiancve
CVE-2017-12132
2017-08-01 16:29:00
redhatcve
redhatcve
CVE-2017-12132
2017-08-02 11:19:22
osv
osv
CVE-2017-12132
2017-08-01 16:29:00
glibc vulnerabilities
2022-12-08 13:17:39
openvas
openvas
Fedora Update for glibc FEDORA-2017-92f8958310
2017-08-21 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1844)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-5768-1)
2022-12-09 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0208
2019-02-11 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2022-12-08 00:00:00
suse
suse
Security update for glibc (important)
2018-02-28 21:07:38
Security update for glibc (important)
2018-02-15 18:10:28
Security update for glibc (important)
2018-02-20 18:13:58
mageia
mageia
Updated glibc packages fix security vulnerabilities
2017-12-22 13:31:08
Updated glibc packages fix security vulnerabilities
2017-12-28 16:16:56
redhat
redhat
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update
2018-04-10 05:01:26
amazon
amazon
Important: glibc
2018-05-10 17:45:00
centos
centos
glibc, nscd security update
2018-04-26 17:41:43
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2018-04-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

55.4%

JSON
Related for CVE-2017-12132
prion1nessus16ubuntucve1veracode1ibm12fedora1f51debiancve1redhatcve1osv2openvas12photon1ubuntu1suse3mageia2redhat1amazon1centos1oraclelinux1rosalinux1