Lucene search
Redhat.comRH:CVE-2017-2893HistoryMay 20, 2022 - 11:50 p.m.
CVE-2017-2893
2022-05-2023:50:57
redhat.com
access.redhat.com
10
null pointer dereference
mqtt packet parsing
cesanta mongoose 6.8
denial of service
EPSS
0.266
Percentile
96.8%
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
Related
openvas
openvas
Mongoose Web Server <= 6.8 Multiple Vulnerabilities
2021-07-07 00:00:00
redhatcve
redhatcve
CVE-2017-2921
2022-05-20 23:55:38
talosblog
talosblog
Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server
2017-10-31 08:12:00
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
Integer overflow
2017-11-07 16:29:00
Security feature bypass
2017-11-07 16:29:00
Design/Logic Flaw
2017-11-07 16:29:00
checkpoint_advisories
checkpoint_advisories
Cesanta Mongoose DNS Compressed Name Denial of Service (CVE-2017-2909)
2017-11-16 00:00:00
talos
talos
Cesanta Mongoose DNS Query Compressed Name Pointer Denial Of Service
2017-10-31 00:00:00
Cesanta Mongoose HTTP Server CGI Remote Code Execcution Vulnerability
2017-10-31 00:00:00
nvd
nvd
osv
osv
seebug
seebug
cve
cve
cvelist
cvelist