Lucene search
Veracode Vulnerability DatabaseVERACODE:26234HistoryAug 06, 2020 - 9:37 p.m.
Denial Of Service (DoS)
2020-08-0621:37:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
nfdump
denial of service
remote
vulnerability
integer overflow
ipfix template
crash
process
EPSS
0.01
Percentile
84.0%
nfdump is vulnerable to denial of service (DoS). The vulnerability exists through an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely.
References
github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
github.com/phaag/nfdump/issues/171
lists.debian.org/debian-lts-announce/2020/09/msg00021.html
lists.fedoraproject.org/archives/list/[email protected]/message/ULSZMKA7P7REJMANVL7D6WMZ2L7IRSET/
lists.fedoraproject.org/archives/list/[email protected]/message/YTONOGJU5FSMFNRCT6OHXYUMDRKH4RPA/
security.gentoo.org/glsa/202003-17
Related
debiancve
debiancve
CVE-2019-14459
2019-07-31 21:15:11
nvd
nvd
CVE-2019-14459
2019-07-31 21:15:11
prion
prion
Integer overflow
2019-07-31 21:15:00
cvelist
cvelist
CVE-2019-14459
2019-07-31 20:57:58
cve
cve
CVE-2019-14459
2019-07-31 21:15:11
ubuntucve
ubuntucve
CVE-2019-14459
2019-07-31 00:00:00
osv
osv
CVE-2019-14459
2019-07-31 21:15:11
nfdump - security update
2020-09-26 00:00:00
alpinelinux
alpinelinux
CVE-2019-14459
2019-07-31 21:15:11
openvas
openvas
Fedora Update for nfdump FEDORA-2019-0fbfb00cbb
2019-08-25 00:00:00
Debian: Security Advisory (DLA-2383-1)
2020-09-27 00:00:00
Fedora Update for nfdump FEDORA-2019-9013b5e75d
2019-08-25 00:00:00
nessus
nessus
GLSA-202003-17 : nfdump: Multiple vulnerabilities
2020-03-16 00:00:00
Debian DLA-2383-1 : nfdump security update
2020-09-28 00:00:00
Fedora 29 : nfdump (2019-9013b5e75d)
2019-08-26 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: nfdump-1.6.18-1.fc30
2019-08-24 01:03:54
[SECURITY] Fedora 29 Update: nfdump-1.6.18-1.fc29
2019-08-24 02:01:02
gentoo
gentoo
nfdump: Multiple vulnerabilities
2020-03-15 00:00:00
debian
debian
[SECURITY] [DLA 2383-1] nfdump security update
2020-09-26 15:57:33