Explore top 10 tips to secure your open-source projects now. Read More
×
An attacker could send crafted input to OpenSLP and cause it to hang.
Software Description:
- openslp-dfsg: OpenSLP is an implementation of the Service Location Protocol
- openslp: OpenSLP is an implementation of the Service Location Protocol
Details:
It was discovered that OpenSLP incorrectly handled certain corrupted
messages. A remote attacker could send a specially crafted packet to
the OpenSLP server and cause it to hang, leading to a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: libslp1 1.2.1-7.7ubuntu0.1 Ubuntu 10.04 LTS: libslp1 1.2.1-7.6ubuntu0.1 Ubuntu 9.10: libslp1 1.2.1-7.5ubuntu0.1 Ubuntu 8.04 LTS: libslp1 1.2.1-7.1ubuntu0.2 Ubuntu 6.06 LTS: libslp1 1.2.1-5ubuntu0.2 In general, a standard system update will make all the necessary changes.
CVE-2010-3609
Get the latest Linux and open source security news straight to your inbox.