Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:96260
HistoryJul 01, 2017 - 12:00 a.m.

systemd CVE-2017-9445 Out-Of-Bounds Write Remote Code Execution Vulnerability

2017-07-0100:00:00
Root
www.seebug.org
34

0.528 Medium

EPSS

Percentile

97.3%

JSON

Vulnerability description

Canonical’s Ubuntu developer Chris Coulson found a critical vulnerability, you can use it to remotely attack run popular of the operating system of the machine. The vulnerability number CVE-2017-9445 located in the Systemd init system and service manager .

A remote attacker can trigger a buffer overflow vulnerability via a malicious DNS response to execution of malicious code.

Experts have found that ‘systemd-resolved’ of ‘dns_packet_new’ function of the vulnerability, it is processing a DNS response, and as a local application to provide network name resolution. Whenever the system attempts the attacker controls the DNS service to find the host name when a specially crafted malicious DNS responses could lead to remote “systemd-resolved” the program to crash.

An attacker can send a large DNS response to trigger the vulnerability, causing a buffer overflow, remote code execution.

“Passed to the dns_packet_new certain size may cause it to the allocated buffer is too small. Page alignment of the digital - sizeof(DnsPacket)+ sizeof(iphdr)+ sizeof(udphdr will do so - so on x86 it will be a page-aligned digital - 80. For example, in the x86 calling the size of 4016 dns_packet_new will lead to 4096 bytes of allocation, but the 108 bytes for DnsPacket structure.“ Coulson explained.

Malicious DNS servers can use a specially crafted TCP payload to solve this problem, so that the system resolve allocated a too small buffer, then writes any data.

Vulnerability

This defect affects the Systemd version of 223, the version is earlier than 2015, 6 months, and thereafter further comprising 2017 3 month released Systemd version 233 to.

The vulnerabilities affect the Ubuntu 17.04 Edition and the 16.10 version ; the Debian version of the Stretch, also known as the Debian 9, The Buster, also known as the 10 and Sid aka Unstable); and the use of Systemd for the various other Linux distributions.

Linux user and system administrator must as soon as possible to update their operating system.

Related

f5 1
nessus 13
threatpost 1
openvas 11
thn 1
redhatcve 1
suse 2
ubuntu 1
fedora 3
myhack58 1
osv 1
archlinux 1
checkpoint_advisories 1
ubuntucve 1
prion 1
debiancve 1
cve 1
photon 2
rosalinux 1
f5
f5
K52114338 : systemd vulnerability CVE-2017-9445
2017-07-07 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : systemd, dracut (SUSE-SU-2017:1898-1)
2017-07-20 00:00:00
Fedora 24 : systemd (2017-72f0c1ea9c)
2017-07-03 00:00:00
Ubuntu 16.10 / 17.04 : systemd vulnerability (USN-3341-1)
2017-06-28 00:00:00
threatpost
threatpost
Ubuntu Fixes Linux Systemd Bug
2017-06-29 13:59:54
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1216)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1853)
2021-05-03 00:00:00
Fedora Update for systemd FEDORA-2017-29d909f5ec
2017-07-01 00:00:00
thn
thn
Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
2017-06-28 20:16:00
redhatcve
redhatcve
CVE-2017-9445
2017-06-28 04:18:51
suse
suse
Security update for systemd, dracut (important)
2017-07-19 15:09:58
Security update for SLES 12-SP2 Docker image (important)
2017-10-11 03:08:09
ubuntu
ubuntu
Systemd vulnerability
2017-06-27 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: systemd-233-6.fc26
2017-06-29 23:29:46
[SECURITY] Fedora 25 Update: systemd-231-17.fc25
2017-06-30 00:50:57
[SECURITY] Fedora 24 Update: systemd-229-22.fc24
2017-07-03 02:20:10
myhack58
myhack58
Linux burst buffer overflow vulnerability: CVE-2017-9445-vulnerability warning-the black bar safety net
2017-07-02 00:00:00
osv
osv
CVE-2017-9445
2017-06-28 06:29:00
archlinux
archlinux
[ASA-201707-2] systemd: arbitrary code execution
2017-07-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Systemd resolved dns_packet_new Heap Buffer Overflow (CVE-2017-9445)
2017-07-16 00:00:00
ubuntucve
ubuntucve
CVE-2017-9445
2017-06-27 00:00:00
prion
prion
Code injection
2017-06-28 06:29:00
debiancve
debiancve
CVE-2017-9445
2017-06-28 06:29:00
cve
cve
CVE-2017-9445
2017-06-28 06:29:00
photon
photon
Important Photon OS Security Update - PHSA-2017-0053
2017-07-10 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0023
2017-07-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58

0.528 Medium

EPSS

Percentile

97.3%

JSON
Related for SSV:96260
f51nessus13threatpost1openvas11thn1redhatcve1suse2ubuntu1fedora3myhack581osv1archlinux1checkpoint_advisories1ubuntucve1prion1debiancve1cve1photon2rosalinux1