73 matches found
CVE-2017-15865
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...
Design/Logic Flaw
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...
CVE-2017-15865
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...
CVE-2017-15865
CVE-2017-15865 affects FRR (bgpd) in FRRouting before 2.0.2 and in 3.x before 3.0.2, used in Cumulus Linux before 3.4.3. A malformed BGP UPDATE from a connected peer can trigger transmission of up to thousands of unintended bytes, causing information disclosure. The issue stems from mishandled at...
CVE-2017-15865
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...
PT-2017-14247 · Cumulus +2 · Cumulus Linux +2
Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions 2.0.2 and earlier, 3.x before 3.0.2 FRRouting FRR in Cumulus Linux before 3.4.3 Description: The issue allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer. Thi...
CVE-2015-5699
The Switch Configuration Tools Backend clcmdserver in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label...
Command injection
The Switch Configuration Tools Backend clcmdserver in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label...
CVE-2015-5699
The Switch Configuration Tools Backend clcmdserver in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label...
CVE-2015-5699
The CVE-2015-5699 entry concerns Cumulus Linux 2.5.3 and earlier, where the Switch Configuration Tools Backend (clcmd_server) is vulnerable to local command injection. The vulnerability arises because clcmd_server executes shell commands appended to the end of a cl-rctl command label if the label...
CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation
Title =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, Vulnerable to Local Privilege Escalation Summary =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, is vulnerable to local privilege escalation via Command Injection. Cumul...
Cumulus Linux's Switch Configuration Tools Backend privilege escalation
Privilege escalation via command injection...
Cumulus Linux 2.5.3 Privilege Escalation
Title =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, Vulnerable to Local Privilege Escalation Summary =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, is vulnerable to local privilege escalation via Command Injection. Cumul...