3 matches found
SUSE CVE-2017-9445
In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and...
Jodd 注入漏洞
Jodd is a Java-based utility toolset. A security vulnerability exists in Jodd HTTP version v6.0.9, which stems from multiple Carriage Return Line Feed CLRF injection vulnerabilities discovered via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. An attacker could exploit thi...
DEBIAN-CVE-2017-9445
In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and...