CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
45.1%
Package : libsoap-lite-perl
Version : 0.714-1+deb7u1
CVE ID : CVE-2015-8978
It was discovered that there was a "Billion Laughs" [0] XML expansion
vulnerability in libsoap-lite-perl, a Perl implementation of a SOAP [1] client
and server.
For Debian 7 "Wheezy", this issue has been fixed in libsoap-lite-perl version
0.714-1+deb7u1.
We recommend that you upgrade your libsoap-lite-perl packages.
[0] https://en.wikipedia.org/wiki/Billion_laughs
[1] https://en.wikipedia.org/wiki/SOAP
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | all | libsoap-lite-perl | < 0.714-1+deb7u1 | libsoap-lite-perl_0.714-1+deb7u1_all.deb |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
45.1%