FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openslp -- denial of service vulnerability

Affected packages
openslp < 2.0.0


VuXML ID 3c259621-5d4a-11e5-9ad8-14dae9d210b8
Discovery 2015-09-16
Entry 2015-09-17

Qinghao Tang reports:

The function ParseExtension() in openslp 1.2.1 contains vulnerability: an attacker can cause a denial of service (infinite loop) via a packet with crafted "nextoffset" value and "extid" value.


CVE Name CVE-2015-5155