CVE-2016-15024

doomsider shadow denial of service

CVSS 2.5 LOWEPSS 0.2%CWE-404

Vexday Risk Score

8Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 2.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

19 fev 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as 3332c5ba9ec3014ddc74e2147190a050eee97bc0. It is recommended to apply a patch to fix this issue. VDB-221478 is the identifier assigned to this vulnerability.

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Produtos afetados

doomsider · shadow

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0 https://vuldb.com/?ctiid.221478 https://vuldb.com/?id.221478