Linux Distros Unpatched Vulnerability : CVE-2021-43173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to...

Debian DSA-5033-1 : fort-validator - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5033 advisory. Multiple vulnerabilities were discovered in the FORT RPKI validator, which could result in denial of service or path traversal. For the stable distribution...

DEBIAN-CVE-2021-43173

In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP...

CVE-2021-43173

In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP...

CVE-2021-43173

CVE-2021-43173 concerns NLnet Labs Routinator prior to 0.10.2. A validation run can be stalled by an RRDP repository that slowly drip-feeds bytes, exploiting the misapplied timeout (applied to individual reads/writes, not the whole request). This can cause validation to be delayed for so long tha...