MiracleLinux 4 : openslp-2.0.0-3.AXS4 (AXSA:2018-3270:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-3270:01 advisory. openslp: Heap memory corruption in slpd/slpdprocess.c allows denial of service or potentially code execution CVE-2017-17833 Tenable has extracted the precedi...

openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution

A heap overflow vulnerability was found in OpenSLP. An attacker could use this flaw to gain remote code execution...

openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution

A heap overflow vulnerability was found in OpenSLP. An attacker could use this flaw to gain remote code execution...

openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution

A use-after-free flaw in OpenSLP 1.x and 2.x baselines was discovered in the ProcessSrvRqst function. A failure to update a local pointer may lead to heap corruption. A remote attacker may be able to leverage this flaw to gain remote code execution...

OpenSLP 2.0.0 - Double-Free

''' | | | | | | | || | | | | -| | . | . | | . | . | | | . | | -| | | | -| -| ||| || ||||||| || || ||| || 2018-06-28 SLPD DOUBLE FREE ================ CVE-2018-12938 An issue was found in openslp-2.0.0 that can be used to induce a double free bug or memory corruption by corrupting glibc's...

OpenSLP 'SLPDProcessMessage()' Function Denial of Service Vulnerability

OpenSLP Service Location Protocol is an IETF standard protocol developed by the OpenSLP project for dynamic service discovery within the Internet. The protocol supports looking up services in the network by their types and attributes. A denial of service vulnerability exists in OpenSLP. An attack...