MiracleLinux 4 : openslp-2.0.0-4.AXS4 (AXSA:2020-049:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-049:01 advisory. openslp: Heap-based buffer overflow in ProcessSrvRqst in slpdprocess.c leading to remote code execution CVE-2019-5544 CVE-2019-5544 OpenSLP as used in ESXi an...

MiracleLinux 4 : openslp-2.0.0-3.AXS4 (AXSA:2018-3270:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-3270:01 advisory. openslp: Heap memory corruption in slpd/slpdprocess.c allows denial of service or potentially code execution CVE-2017-17833 Tenable has extracted the precedi...

EUVD-2015-5178

Malware in sbrugna...

EUVD-2017-8983

Malware in sbrugna...

EUVD-2016-5887

Malware in sbrugna...

CVE-2021-21995

OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition...

CVE-2020-3992

OpenSLP as used in VMware ESXi 7.0 before ESXi7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free...

Advisory ROSA-SA-2025-2659

software: openslp 2.0.0 WASP: ROSA-CHROME packageevrstring: openslp-2.0.0 CVE-ID: CVE-2016-4912 BDU-ID: None CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in OpenSLP allows remote attackers to cause a denial of service via a large number of specially crafted packets. CVE-STATUS: The vulnerability...

RHEL 6 : openslp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slpcompare.c...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in OpenSLP (CVE-2017-17833)

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in OpenSLP. Vulnerability Details CVEID: CVE-2017-17833 DESCRIPTION: OpenSLP, as used in multiple products, is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to...

Security Bulletin: IBM Integrated Management Module (IMM) is affected by vulnerability in OpenSLP (CVE-2017-17833)

Summary IBM Integrated Management Module IMM has addressed the following vulnerability in OpenSLP. Vulnerability Details Summary IBM Integrated Management Module IMM has addressed the following vulnerability in OpenSLP. Vulnerability Details CVEID: CVE-2017-17833 Description: OpenSLP, as used in...

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in OpenSLP (CVE-2017-17833)

Summary IBM Integrated Management Module II IMM2 for System x, Flex & BladeCenter Systems have addressed the following vulnerability in OpenSLP. Vulnerability Details Summary IBM Integrated Management Module II IMM2 for System x, Flex & BladeCenter Systems have addressed the following vulnerabili...

Ransomware Campaign Compromising VMware ESXi Servers

On February 3, 2023, French web hosting provider OVH and French CERT issued warnings about a ransomware campaign that was targeting VMware ESXi servers worldwide with a new ransomware strain dubbed “ESXiArgs.” The campaign appears to be leveraging CVE-2021-21974, a nearly two-year-old heap overfl...

Ubuntu 16.04 LTS : OpenSLP vulnerability (USN-4919-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4919-1 advisory. It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...

USN-4919-1 openslp-dfsg vulnerability

It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...

CVE-2020-3992

OpenSLP as used in VMware ESXi 7.0 before ESXi7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free...

NewStart CGSL MAIN 4.05 : openslp Vulnerability (NS-SA-2020-0015)

The remote NewStart CGSL host, running version MAIN 4.05, has openslp packages installed that are affected by a vulnerability: - OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range...

VMware ESXi and VMware Horizon DaaS OpenSLP Buffer Overflow Vulnerability

VMware ESXi and VMware Horizon DaaS are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers.VMware Horizon DaaS is a suite of virtual desktop platforms built for delivering desktops and applications as a cloud computing...

CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

VMware ESXi and Horizon DaaS updates address OpenSLP remote code execution vulnerability (CVE-2019-5544)

1. Impacted Products VMware ESXi VMware Horizon DaaS 2. Introduction A vulnerability in OpenSLP was privately reported to VMware. Patches and workarounds are available to address this vulnerability in affected VMware products. 3. VMware ESXi and Horizon DaaS updates address OpenSLP remote code...