OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
Configuration 19 [-]
| AND |
|
Configuration 20 [-]
| AND |
|
Configuration 21 [-]
| AND |
|
Configuration 22 [-]
| AND |
|
Configuration 23 [-]
| AND |
|
Configuration 24 [-]
| AND |
|
Configuration 25 [-]
| AND |
|
Configuration 26 [-]
| AND |
|
Configuration 27 [-]
| AND |
|
Configuration 28 [-]
| AND |
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 6 | |||
| openslp-1:2.0.0-3.el6 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2018:2308 | 2018-07-31T00:00:00Z |
| Red Hat Enterprise Linux 7 | |||
| openslp-1:2.0.0-7.el7_5 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2018:2240 | 2018-07-23T00:00:00Z |
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Canonical
Subscribe
|
Ubuntu Linux
Subscribe
|
|
Debian
Subscribe
|
Debian Linux
Subscribe
|
|
Lenovo
Subscribe
|
Bm Nextscale Fan Power Controller
Subscribe
Cmm
Subscribe
Fan Power Controller
Subscribe
Flex System Fc3171 8gb San Switch
Subscribe
Flex System Fc3171 8gb San Switch Firmware
Subscribe
Imm1
Subscribe
Imm2
Subscribe
Storage N3310
Subscribe
Storage N3310 Firmware
Subscribe
Storage N4610
Subscribe
Storage N4610 Firmware
Subscribe
Thinkserver Rd340
Subscribe
Thinkserver Rd340 Firmware
Subscribe
Thinkserver Rd350
Subscribe
Thinkserver Rd350 Firmware
Subscribe
Thinkserver Rd350g
Subscribe
Thinkserver Rd350g Firmware
Subscribe
Thinkserver Rd350x
Subscribe
Thinkserver Rd350x Firmware
Subscribe
Thinkserver Rd440
Subscribe
Thinkserver Rd440 Firmware
Subscribe
Thinkserver Rd450
Subscribe
Thinkserver Rd450 Firmware
Subscribe
Thinkserver Rd450x
Subscribe
Thinkserver Rd450x Firmware
Subscribe
Thinkserver Rd540
Subscribe
Thinkserver Rd540 Firmware
Subscribe
Thinkserver Rd550
Subscribe
Thinkserver Rd550 Firmware
Subscribe
Thinkserver Rd640
Subscribe
Thinkserver Rd640 Firmware
Subscribe
Thinkserver Rd650
Subscribe
Thinkserver Rd650 Firmware
Subscribe
Thinkserver Rq750
Subscribe
Thinkserver Rq750 Firmware
Subscribe
Thinkserver Rs160
Subscribe
Thinkserver Rs160 Firmware
Subscribe
Thinkserver Sd350
Subscribe
Thinkserver Sd350 Firmware
Subscribe
Thinkserver Td340
Subscribe
Thinkserver Td340 Firmware
Subscribe
Thinkserver Td350
Subscribe
Thinkserver Td350 Firmware
Subscribe
Thinkserver Ts460
Subscribe
Thinkserver Ts460 Firmware
Subscribe
Thinksystem Hr630x
Subscribe
Thinksystem Hr630x Firmware
Subscribe
Thinksystem Hr650x
Subscribe
Thinksystem Hr650x Firmware
Subscribe
Thinksystem Sr630
Subscribe
Thinksystem Sr630 Firmware
Subscribe
Xclarity Administrator
Subscribe
|
|
Openslp
Subscribe
|
Openslp
Subscribe
|
|
Redhat
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-1364-1 | openslp-dfsg security update |
| Debian DLA |
DLA-2025-1 | openslp-dfsg security update |
 EUVD |
EUVD-2017-8983 | OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. |
 Ubuntu USN |
USN-3708-1 | OpenSLP vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T21:06:48.960Z
Reserved: 2017-12-22T00:00:00
Link: CVE-2017-17833
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-04-23T18:29:00.663
Modified: 2024-11-21T03:18:46.777
Link: CVE-2017-17833
Redhat
OpenCVE Enrichment
No data.