Lucene search
RedHatRHSA-2017:1787HistoryJul 19, 2017 - 10:32 p.m.
(RHSA-2017:1787) Moderate: collectd security update
2017-07-1922:32:11
access.redhat.com
53
EPSS
0.008
Percentile
81.5%
collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files (creating them if necessary). Because the daemon does not start up each time it updates files, it has a low system footprint.
The following packages have been upgraded to a later upstream version: collectd (5.7.2). (BZ#1460080)
Security Fix(es):
- collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with “SecurityLevel None” and empty “AuthFile” options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service. (CVE-2017-7401)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | collectd-ipmi | < 5.7.2-1.1.el7ost | collectd-ipmi-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-ping | < 5.7.2-1.1.el7ost | collectd-ping-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-generic-jmx | < 5.7.2-1.1.el7ost | collectd-generic-jmx-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | perl-collectd | < 5.7.2-1.1.el7ost | perl-Collectd-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-openldap | < 5.7.2-1.1.el7ost | collectd-openldap-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-mysql | < 5.7.2-1.1.el7ost | collectd-mysql-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-write_http | < 5.7.2-1.1.el7ost | collectd-write_http-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-curl_json | < 5.7.2-1.1.el7ost | collectd-curl_json-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | collectd-postgresql | < 5.7.2-1.1.el7ost | collectd-postgresql-5.7.2-1.1.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | libcollectdclient | < 5.7.2-1.1.el7ost | libcollectdclient-5.7.2-1.1.el7ost.x86_64.rpm |
Related
osv
osv
collectd - security update
2017-04-04 00:00:00
CVE-2017-7401
2017-04-03 14:59:00
collectd vulnerabilities
2021-03-15 21:14:39
fedora
fedora
[SECURITY] Fedora 25 Update: collectd-5.7.1-3.fc25
2017-04-25 02:26:29
[SECURITY] Fedora 26 Update: collectd-5.7.1-3.fc26
2017-04-19 17:02:48
[SECURITY] Fedora 24 Update: collectd-5.6.2-1.fc24
2017-04-25 17:24:29
redhat
redhat
(RHSA-2018:2615) Moderate: collectd security update
2018-09-04 06:28:01
debiancve
debiancve
CVE-2017-7401
2017-04-03 14:59:00
ubuntucve
ubuntucve
CVE-2017-7401
2017-04-03 00:00:00
nessus
nessus
Fedora 25 : collectd (2017-80763c8c03)
2017-04-25 00:00:00
Amazon Linux AMI : collectd (ALAS-2017-829)
2017-05-19 00:00:00
Debian DLA-884-1 : collectd security update
2017-04-05 00:00:00
freebsd
freebsd
amazon
amazon
Medium: collectd
2017-05-18 18:58:00
openvas
openvas
Fedora Update for collectd FEDORA-2017-6b639afc9c
2017-04-26 00:00:00
Fedora Update for collectd FEDORA-2017-80763c8c03
2017-04-25 00:00:00
Debian: Security Advisory (DLA-884-1)
2018-01-16 00:00:00
nvd
nvd
CVE-2017-7401
2017-04-03 14:59:00
cve
cve
CVE-2017-7401
2017-04-03 14:59:00
alpinelinux
alpinelinux
CVE-2017-7401
2017-04-03 14:59:00
prion
prion
Code injection
2017-04-03 14:59:00
debian
debian
[SECURITY] [DLA 884-1] collectd security update
2017-04-04 15:23:57
cvelist
cvelist
CVE-2017-7401
2017-04-03 14:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:17:26
ubuntu
ubuntu
collectd vulnerabilities
2021-03-15 00:00:00