Lucene search
Redhat.comRH:CVE-2017-2921HistoryMay 20, 2022 - 11:55 p.m.
CVE-2017-2921
2022-05-2023:55:38
redhat.com
access.redhat.com
16
memory corruption
websocket protocol
cesanta mongoose 6.8
integer overflow
heap buffer overflow
denial of service
remote code execution
EPSS
0.266
Percentile
96.8%
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability.
Related
redhatcve
redhatcve
CVE-2017-2893
2022-05-20 23:50:57
openvas
openvas
Mongoose Web Server <= 6.8 Multiple Vulnerabilities
2021-07-07 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server
2017-10-31 08:12:00
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
Integer overflow
2017-11-07 16:29:00
Security feature bypass
2017-11-07 16:29:00
Design/Logic Flaw
2017-11-07 16:29:00
checkpoint_advisories
checkpoint_advisories
Cesanta Mongoose DNS Compressed Name Denial of Service (CVE-2017-2909)
2017-11-16 00:00:00
talos
talos
Cesanta Mongoose DNS Query Compressed Name Pointer Denial Of Service
2017-10-31 00:00:00
Cesanta Mongoose HTTP Server CGI Remote Code Execcution Vulnerability
2017-10-31 00:00:00
nvd
nvd
osv
osv
seebug
seebug
cve
cve
cvelist
cvelist