CVE-2017-17833

CVE Database · CVE-2017-17833

CVE-2017-17833

· N/AModified

CVSS v3.1

N/A

EPSS

3.89%

Published

Apr 23, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.

Weaknesses (CWE)

CWE-119

Affected Products (67)

openslp · openslpvulnerable

debian · debian_linuxvulnerable

canonical · ubuntu_linuxvulnerable

redhat · enterprise_linux_desktopvulnerable

redhat · enterprise_linux_servervulnerable

redhat · enterprise_linux_server_ausvulnerable

References (14)

http://support.lenovo.com/us/en/solutions/LEN-18247

PatchThird Party Advisory

https://access.redhat.com/errata/RHSA-2018:2240

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2308

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html

Issue TrackingMailing ListThird Party Advisory

https://security.gentoo.org/glsa/202005-12

https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/

PatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs

redhat · enterprise_linux_server_eusvulnerable

redhat · enterprise_linux_server_tusvulnerable

redhat · enterprise_linux_workstationvulnerable

lenovo · thinkserver_rd350g_firmwarevulnerable

lenovo · thinkserver_rd350g

lenovo · thinkserver_rd350x_firmwarevulnerable

lenovo · thinkserver_rd350x

lenovo · thinkserver_rd450x_firmwarevulnerable

lenovo · thinkserver_rd450x

lenovo · thinksystem_hr630x_firmwarevulnerable

lenovo · thinksystem_hr630x

lenovo · thinksystem_hr650x_firmwarevulnerable

lenovo · thinksystem_hr650x

lenovo · thinksystem_sr630_firmwarevulnerable

lenovo · thinksystem_sr630

lenovo · flex_system_fc3171_8gb_san_switch_firmware (up to 9.1.13.02.00)vulnerable

lenovo · flex_system_fc3171_8gb_san_switch

lenovo · storage_n3310_firmware (up to 4.53.351)vulnerable

lenovo · storage_n3310

lenovo · storage_n4610_firmware (up to 4.53.351)vulnerable

lenovo · storage_n4610

lenovo · bm_nextscale_fan_power_controller (up to 24p-2.15)vulnerable

lenovo · cmm (up to 1.8.0)vulnerable

lenovo · fan_power_controller (up to 30r-1.13)vulnerable

lenovo · imm1 (up to 1.55)vulnerable

lenovo · imm2 (up to 4.70)vulnerable

lenovo · xclarity_administrator (up to 1.4.0)vulnerable

lenovo · thinkserver_rd340_firmware (up to 50.00)vulnerable

lenovo · thinkserver_rd340

lenovo · thinkserver_rd350_firmware (up to 4.53.351)vulnerable

lenovo · thinkserver_rd350

lenovo · thinkserver_rd440_firmwarevulnerable

lenovo · thinkserver_rd440

lenovo · thinkserver_rd450_firmware (up to 4.53.351)vulnerable

lenovo · thinkserver_rd450

lenovo · thinkserver_rd550_firmware (up to 4.53.351)vulnerable

lenovo · thinkserver_rd550

lenovo · thinkserver_rd540_firmware (up to 50.00)vulnerable

https://usn.ubuntu.com/3708-1/

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html

Issue TrackingMailing ListThird Party Advisory

https://usn.ubuntu.com/3708-1/

Third Party Advisory