CVE-2015-8011

MEDIUM

Description

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.

References

http://www.openwall.com/lists/oss-security/2015/10/16/2

http://www.openwall.com/lists/oss-security/2015/10/30/2

https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2

https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/

https://www.debian.org/security/2021/dsa-4836

Details

Source: MITRE

Published: 2020-01-28

Updated: 2021-03-11

Type: CWE-120

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

ID | Name | Product | Family | Severity
148122 | RHEL 8 : rhvm-appliance (RHSA-2021:0988) | Nessus | Red Hat Local Security Checks | medium
147881 | RHEL 7 : openvswitch2.11 and ovn2.11 (RHSA-2021:0931) | Nessus | Red Hat Local Security Checks | medium
147151 | Fedora 33 : 2:dpdk / openvswitch (2021-fba11d37ee) | Nessus | Fedora Local Security Checks | medium
146677 | Debian DLA-2571-1 : openvswitch security update | Nessus | Debian Local Security Checks | high
145309 | Debian DSA-4836-1 : openvswitch - security update | Nessus | Debian Local Security Checks | medium
144943 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Open vSwitch vulnerabilities (USN-4691-1) | Nessus | Ubuntu Local Security Checks | medium
144765 | RHEL 7 : Red Hat Virtualization (RHSA-2021:0028) | Nessus | Red Hat Local Security Checks | medium
144509 | RHEL 8 : OpenShift Container Platform 4.6.9 packages and (RHSA-2020:5615) | Nessus | Red Hat Local Security Checks | medium
144405 | RHEL 8 : Red Hat Virtualization (RHSA-2020:5611) | Nessus | Red Hat Local Security Checks | medium
86620 | FreeBSD : lldpd -- Buffer overflow/Denial of service (2a4a112a-7c1b-11e5-bd77-0800275369e2) | Nessus | FreeBSD Local Security Checks | medium