Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-9445
HistoryJun 28, 2017 - 6:29 a.m.

CVE-2017-9445

2017-06-2806:29:00
CWE-787
[email protected]
web.nvd.nist.gov
61
2
systemd
233
cve-2017-9445
dns
denial of service
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.528 Medium

EPSS

Percentile

97.6%

JSON

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that’s too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it.

Social References

More

Related

f5 1
nessus 13
threatpost 1
seebug 1
openvas 11
thn 1
redhatcve 1
suse 2
ubuntu 1
fedora 3
myhack58 1
osv 1
archlinux 1
checkpoint_advisories 1
ubuntucve 1
prion 1
debiancve 1
photon 2
rosalinux 1
f5
f5
K52114338 : systemd vulnerability CVE-2017-9445
2017-07-07 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : systemd, dracut (SUSE-SU-2017:1898-1)
2017-07-20 00:00:00
Fedora 24 : systemd (2017-72f0c1ea9c)
2017-07-03 00:00:00
Ubuntu 16.10 / 17.04 : systemd vulnerability (USN-3341-1)
2017-06-28 00:00:00
threatpost
threatpost
Ubuntu Fixes Linux Systemd Bug
2017-06-29 13:59:54
seebug
seebug
systemd CVE-2017-9445 Out-Of-Bounds Write Remote Code Execution Vulnerability
2017-07-01 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1216)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1853)
2021-05-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1898-1)
2021-04-19 00:00:00
thn
thn
Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
2017-06-28 20:16:00
redhatcve
redhatcve
CVE-2017-9445
2017-06-28 04:18:51
suse
suse
Security update for systemd, dracut (important)
2017-07-19 15:09:58
Security update for SLES 12-SP2 Docker image (important)
2017-10-11 03:08:09
ubuntu
ubuntu
Systemd vulnerability
2017-06-27 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: systemd-233-6.fc26
2017-06-29 23:29:46
[SECURITY] Fedora 25 Update: systemd-231-17.fc25
2017-06-30 00:50:57
[SECURITY] Fedora 24 Update: systemd-229-22.fc24
2017-07-03 02:20:10
myhack58
myhack58
Linux burst buffer overflow vulnerability: CVE-2017-9445-vulnerability warning-the black bar safety net
2017-07-02 00:00:00
osv
osv
CVE-2017-9445
2017-06-28 06:29:00
archlinux
archlinux
[ASA-201707-2] systemd: arbitrary code execution
2017-07-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Systemd resolved dns_packet_new Heap Buffer Overflow (CVE-2017-9445)
2017-07-16 00:00:00
ubuntucve
ubuntucve
CVE-2017-9445
2017-06-27 00:00:00
prion
prion
Code injection
2017-06-28 06:29:00
debiancve
debiancve
CVE-2017-9445
2017-06-28 06:29:00
photon
photon
Important Photon OS Security Update - PHSA-2017-0053
2017-07-10 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0023
2017-07-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.528 Medium

EPSS

Percentile

97.6%

JSON
Related for CVE-2017-9445
f51nessus13threatpost1seebug1openvas11thn1redhatcve1suse2ubuntu1fedora3myhack581osv1archlinux1checkpoint_advisories1ubuntucve1prion1debiancve1photon2rosalinux1