Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2018-17156First vendor Publication2018-11-28
VendorCveLast vendor Modification2019-10-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.quotelen sysctl.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17156

CWE : Common Weakness Enumeration

%idName
100 %CWE-787Out-of-bounds Write (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Os773

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/106052
CONFIRM https://security.freebsd.org/advisories/FreeBSD-EN-18:13.icmp.asc

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2019-10-03 09:20:59
  • Multiple Updates
2019-02-05 00:19:26
  • Multiple Updates
2018-12-01 17:19:00
  • Multiple Updates
2018-11-28 21:19:51
  • First insertion