CVE-2021-28040

Published: 05/03/2021 Updated: 09/03/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c occurs when a large number of opening and closing XML tags is used. Because recursion is used in _ReadElem without restriction, an attacker can trigger a segmentation fault once unmapped memory is reached.
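
The failure mode in the summary and its usual mitigation, a depth cap checked before each recursive call, as an added example. This is not OSSEC's code or its fix: `read_elem`, `MAX_DEPTH`, the status codes and the toy grammar of nested `<a>` elements are assumptions chosen to keep the recursion visible.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_DEPTH 64 /* assumed cap; size it to the deepest legitimate config */
enum { XML_OK = 0, XML_BAD = -1, XML_TOO_DEEP = -2 };

/* Hypothetical reader for a toy grammar of nested <a>...</a> elements.
 * Each nesting level costs one stack frame, so depth is checked first. */
static int read_elem(const char **p, unsigned depth)
{
    if (depth >= MAX_DEPTH)
        return XML_TOO_DEEP;              /* fail closed instead of recursing */
    if (strncmp(*p, "<a>", 3) != 0) return XML_BAD;
    *p += 3;
    while (strncmp(*p, "<a>", 3) == 0) {  /* zero or more child elements */
        int rc = read_elem(p, depth + 1);
        if (rc != XML_OK) return rc;
    }
    if (strncmp(*p, "</a>", 4) != 0) return XML_BAD;
    *p += 4;
    return XML_OK;
}

/* Parses one root element; trailing bytes are an error. */
int parse_doc(const char *doc)
{
    const char *p = doc;
    int rc = read_elem(&p, 0);
    return (rc == XML_OK && *p != '\0') ? XML_BAD : rc;
}

/* Builds a constructed document of `depth` nested elements and parses it. */
int parse_nested(size_t depth)
{
    char *doc = malloc(depth * 7 + 1), *w = doc;
    if (!doc) return XML_BAD;
    for (size_t i = 0; i < depth; i++) { memcpy(w, "<a>", 3); w += 3; }
    for (size_t i = 0; i < depth; i++) { memcpy(w, "</a>", 4); w += 4; }
    *w = '\0';
    int rc = parse_doc(doc);
    free(doc);
    return rc;
}

int main(void)
{
    printf("64: %d, 1000000: %d\n", parse_nested(64), parse_nested(1000000));
}
```

Without the `depth >= MAX_DEPTH` check, stack use in `read_elem` grows with the nesting depth of the input, which is the condition the summary describes for `_ReadElem`.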

Vulnerable Product

ossec ossec 3.6.0

Github Repositories

CVE-2021-28040 OSSEC-HIDS

Outlines
Background of OSSEC-HIDS
The issue in CVE-2021-28040
What is XML and Uncontrolled Recursion
Related Attack Patterns
Impacts
Potential Mitigations

Background of OSSEC-HIDS

OSSEC-HIDS is a free and open-source host-based intrusion detection system that includes four primary functions: log analysis, integrity checking, rootkit identification, a