All errata/sisyphus/ALT-PU-2017-2132-1
ALT-PU-2017-2132-1

Package update connman in branch sisyphus

Version1.35-alt1.S1
Task#187641
Published2017-08-30
Max severityCRITICAL
Severity:

Closed issues (2)

BDU:2017-02094
CRITICAL9.8

Уязвимость диспетчера соединений Connman («dnsproxy.c»), позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Published: 2017-09-15Modified: 2025-09-26
CVSS 3.xCRITICAL 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References
CVE-2017-12865
CRITICAL9.8

Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.

Published: 2017-08-29Modified: 2025-04-20
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References