Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2017-2909

Published: 07/11/2017 Updated: 13/06/2022
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Mongoose

Vulnerability Summary

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cesanta mongoose 6.8

Vendor Advisories

Debian CVElist Bug Report Logs: Multiple vulnerabiliities in Mongoose
Debian Bug report logs - #898943 Multiple vulnerabiliities in Mongoose Package: src:smplayer; Maintainer for src:smplayer is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Thu, 17 May 2018 16:51:02 UTC Severity: grave Tags: security Fixed in ...

References

CWE-835https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0416https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898943https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook