RHEL 6 : openslp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slpcompare.c...

Tera2 Zero Client and Remote Workstation Card Firmware – Service Location Protocol

A potential denial of service vulnerability has been identified in Tera2 Zero Client and Remote Workstation Card RWC Firmware when using Service Location Protocol SLP. HP is providing recommended guidance to mitigate this potential vulnerability. The Service Location Protocol SLP, RFC 2608 is...

ESXi < 7.0 Reflected Denial of Service

The remote VMware ESXi host is less than version 7.0 and is affected by a reflected denial of service vulnerability: - The Service Location Protocol SLP, RFC 2608 allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to...

CVE-2023-29552

The Service Location Protocol SLP, RFC 2608 allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor...

Code injection

The Service Location Protocol SLP, RFC 2608 allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor...

CVE-2023-29552

CVE-2023-29552 describes a DoS vulnerability in the Service Location Protocol (SLP) where an unauthenticated remote attacker can register arbitrary services, causing SLP server to respond with spoofed traffic and enabling large amplification (reported up to ~2,200x). Documented impacts include po...

CVE-2023-29552

The Service Location Protocol SLP, RFC 2608 allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. Recent assessments: Assessed Attacker Valu...

CVE-2023-29552

The Service Location Protocol SLP, RFC 2608 allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor...

[SECURITY] Fedora 30 Update: openslp-2.0.0-22.fc30

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 28 Update: openslp-2.0.0-18.fc28

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 26 Update: openslp-2.0.0-12.fc26

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 25 Update: openslp-2.0.0-10.fc25

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 23 Update: openslp-2.0.0-8.fc23

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 24 Update: openslp-2.0.0-9.fc24

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...

[SECURITY] Fedora 20 Update: openslp-1.2.1-22.fc20

Service Location Protocol is an IETF standards track protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. OpenSLP is an open source implementation of the SLPv2 protocol as defined b...