oss-sec mailing list archives
Re: CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability
From: Stefan Cornelius <scorneli () redhat com>
Date: Sat, 19 Sep 2015 12:18:06 +0200
On Wed, 16 Sep 2015 17:40:11 +0800 Qinghao Tang <luodalongde () gmail com> wrote:
HI there, Greeting! This is Qinghao Tang from QIHU 360 company, China. I am a security researcher there.I'm writing to report a vulnerability in openslp. The function ParseExtension() in openslp 1.2.1 exists a vulnerability , an attacher can cause a denial of service (infinite loop) via a packet with crafted "nextoffset" value and "extid" value.
Hi, I have a hunch that this may be CVE-2010-3609? Can you have a look and tell me why and how this is different from CVE-2010-3609? Thanks in advance and kind regards, -- Stefan Cornelius / Red Hat Product Security
Current thread:
- CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability Qinghao Tang (Sep 16)
- Re: CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability Stefan Cornelius (Sep 19)