{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-04-19T00:00:00", "descriptions": [{"lang": "en", "value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-05-14T23:06:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3708-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3708-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"}, {"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.lenovo.com/us/en/solutions/LEN-18247"}, {"name": "RHSA-2018:2308", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2308"}, {"name": "RHSA-2018:2240", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2240"}, {"name": "GLSA-202005-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202005-12"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17833", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3708-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3708-1/"}, {"name": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/", "refsource": "CONFIRM", "url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"}, {"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"}, {"name": "http://support.lenovo.com/us/en/solutions/LEN-18247", "refsource": "CONFIRM", "url": "http://support.lenovo.com/us/en/solutions/LEN-18247"}, {"name": "RHSA-2018:2308", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2308"}, {"name": "RHSA-2018:2240", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2240"}, {"name": "GLSA-202005-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202005-12"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T21:06:48.960Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3708-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3708-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"}, {"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.lenovo.com/us/en/solutions/LEN-18247"}, {"name": "RHSA-2018:2308", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2308"}, {"name": "RHSA-2018:2240", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2240"}, {"name": "GLSA-202005-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202005-12"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17833", "datePublished": "2018-04-23T18:00:00", "dateReserved": "2017-12-22T00:00:00", "dateUpdated": "2024-08-05T21:06:48.960Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openslp:openslp:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9CF96BA3-6A2E-4371-8A6A-2D90BAA787A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openslp:openslp:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE8B97B6-84FF-49EF-B7FF-EEA147CEF00E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B766A835-96C7-41F7-AB60-4690F5D59A36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350g:-:*:*:*:*:*:*:*", "matchCriteriaId": "6157D72E-534F-4DA5-AD9E-ED9BEDAD0DB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E02C1B7D-291F-4897-83EC-7A68697960B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BAFE2B4-2F30-42A5-9A3F-0FAB6567EAD9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd450x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "23D119B1-EB2A-4715-8EA4-77037E9919B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd450x:-:*:*:*:*:*:*:*", "matchCriteriaId": "313A342C-E7C4-40BE-A97F-CB4711CF154C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinksystem_hr630x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A999E2F-A0E7-4E86-AAAB-392AA0F13027", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinksystem_hr630x:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF947D32-62E3-4957-86E2-EC3FA6F220D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinksystem_hr650x_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "92EC9023-8344-4818-A341-C6866A631F3F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinksystem_hr650x:-:*:*:*:*:*:*:*", "matchCriteriaId": "346F827E-369C-4087-BFB6-E74B1CAC1B15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinksystem_sr630_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "993EE14E-929C-4983-9BCD-9F08906EA3FC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinksystem_sr630:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7F10C8D-C9C7-4FAD-980D-7A602C8BE81D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_system_fc3171_8gb_san_switch_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAE27025-E34D-4FD4-ADC2-4DA56D2F51CD", "versionEndExcluding": "9.1.13.02.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_system_fc3171_8gb_san_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E8A3649-7EF7-4D20-B28A-63D810FA4F08", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:storage_n3310_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "087C37F7-3895-40C6-82B3-F45039E9FB9B", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:storage_n3310:-:*:*:*:*:*:*:*", "matchCriteriaId": "319412A8-D5BD-4214-AA5A-1E7383AA27A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:storage_n4610_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E974B81E-4DB3-492F-8904-2C0CFF50DD7A", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:storage_n4610:-:*:*:*:*:*:*:*", "matchCriteriaId": "D320E2FC-E2E1-45F3-9B0E-2FA647D657BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:bm_nextscale_fan_power_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5E3A306-93AA-476C-930D-DE48CBFB13D7", "versionEndExcluding": "24p-2.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:cmm:*:*:*:*:*:*:*:*", "matchCriteriaId": "48CE3ABD-1FA9-4E26-A873-1027955F968F", "versionEndExcluding": "1.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:fan_power_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F751FD5-004F-4C4F-9651-9EF33FA095E1", "versionEndExcluding": "30r-1.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:imm1:*:*:*:*:*:*:*:*", "matchCriteriaId": "64CF298E-5107-489B-9E08-93084D528F3B", "versionEndExcluding": "1.55", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:imm2:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F086091-169B-47F8-A2E8-F5437433AE87", "versionEndExcluding": "4.70", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "070219DA-DDD4-4E8A-A23B-3E46E4CB37DA", "versionEndExcluding": "1.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd340_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "639A266B-2A2F-43C9-9871-2F1E5D3AA990", "versionEndExcluding": "50.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd340:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A48E001-1D62-4A25-8C7F-D4691BAEC3DC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B63891A2-CDA8-4FC8-ADAB-512378D6B8FE", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350:-:*:*:*:*:*:*:*", "matchCriteriaId": "A988370E-47F4-4DC3-91AB-025360D07160", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "77D8669A-6716-439E-AA6F-EF6A1456FF71", "versionEndIncluding": "50.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd440:-:*:*:*:*:*:*:*", "matchCriteriaId": "3ED7B28A-1E10-4011-8250-8E060F74E3CC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE30B73E-1918-4465-A948-829AD3D92E07", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd450:-:*:*:*:*:*:*:*", "matchCriteriaId": "B994FC89-D6B6-4191-BC53-A36211DE94F8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd550_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5017F43-C28F-4B3E-900A-96FEC8BE537D", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd550:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BDCBFD8-D031-4034-AEF9-6F31CC1C5814", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0D2D3BB-77F2-4798-BF81-B9EDB607CE94", "versionEndExcluding": "50.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd540:-:*:*:*:*:*:*:*", "matchCriteriaId": "A30925DE-F919-472F-AA5B-0E2566F99DDC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd640_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7057A245-999D-4334-AF82-305ECC09F795", "versionEndExcluding": "50.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd640:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E66D761-1400-41AE-AAB7-E54B80B3FAC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rd650_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D6F1A92-C568-4CA4-8DBC-459B9DC93A24", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rd650:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2211D4D-0EB0-4E15-83D5-E94138D68284", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rq750_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "707CAEBE-5ED4-4755-B2DB-7A135DB0AE8A", "versionEndExcluding": "1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rq750:-:*:*:*:*:*:*:*", "matchCriteriaId": "30A3486A-5BEF-4B6A-B516-DCABBF7DE66E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_rs160_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74A43A48-4E30-4BA6-A4C4-CA565A78B0FC", "versionEndExcluding": "2.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_rs160:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBA619AB-82E2-4E76-943A-0E68379FD583", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_sd350_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "034D2231-4D6D-42C2-8CDA-85D25B62ECFA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_sd350:-:*:*:*:*:*:*:*", "matchCriteriaId": "87959493-B6D7-4765-930C-40A9FBAED2E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_td340_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "68A5907C-6A3C-4657-8B9E-DAA6BC1681E4", "versionEndExcluding": "46.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_td340:-:*:*:*:*:*:*:*", "matchCriteriaId": "42109D0F-9FDD-4199-A946-64C453B40CFD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_td350_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "973D779E-E3F0-419A-97A1-C0F55AFC9ECE", "versionEndExcluding": "4.53.351", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_td350:-:*:*:*:*:*:*:*", "matchCriteriaId": "83BDBAD4-5483-4D37-A727-D5FE876FF26E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkserver_ts460_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29A2F7DE-1C65-499B-98BA-E751E754312D", "versionEndExcluding": "2.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkserver_ts460:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F4EFAC5-9268-49A3-BDFF-4F1C87FA7867", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."}, {"lang": "es", "value": "Las versiones de OpenSLP en las secuencias de c\u00f3digo 1.0.2 y 1.1.0 tienen un problema de corrupci\u00f3n de memoria relacionada con la memoria din\u00e1mica (heap), que puede manifestarse como una vulnerabilidad de denegaci\u00f3n de servicio (DoS) o de ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2017-17833", "lastModified": "2024-11-21T03:18:46.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-23T18:29:00.663", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://support.lenovo.com/us/en/solutions/LEN-18247"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2240"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2308"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202005-12"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3708-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "http://support.lenovo.com/us/en/solutions/LEN-18247"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2240"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2308"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202005-12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3708-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2308", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "openslp-1:2.0.0-3.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-07-31T00:00:00Z"}, {"advisory": "RHSA-2018:2240", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "openslp-1:2.0.0-7.el7_5", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-07-23T00:00:00Z"}], "bugzilla": {"description": "openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution", "id": "1572166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572166"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.", "A use-after-free flaw in OpenSLP 1.x and 2.x baselines was discovered in the ProcessSrvRqst function. A failure to update a local pointer may lead to heap corruption. A remote attacker may be able to leverage this flaw to gain remote code execution."], "name": "CVE-2017-17833", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "openslp", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-04-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-17833\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-17833\nhttps://dumpco.re/blog/openslp-2.0.0-double-free"], "threat_severity": "Important"}