CVE-2017-15865

bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:frrouting:frrouting:3.0:rc3:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:3.0:rc0:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:3.0:*:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*
cpe:2.3:a:frrouting:frrouting:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:cumulusnetworks:cumulus_linux:*:*:*:*:*:*:*:*

Information

Published : 2017-11-08 12:29

Updated : 2017-11-29 09:38


NVD link : CVE-2017-15865

Mitre link : CVE-2017-15865


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

frrouting

  • frrouting

cumulusnetworks

  • cumulus_linux