CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6254

Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.131

EPSS Ranking 93.8%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

Products affected by CVE-2016-6254

Collectd » Collectd » Version: 5.4.0

cpe:2.3:a:collectd:collectd:5.4.0
Collectd » Collectd » Version: 5.4.1

cpe:2.3:a:collectd:collectd:5.4.1
Collectd » Collectd » Version: 5.4.2

cpe:2.3:a:collectd:collectd:5.4.2
Collectd » Collectd » Version: 5.5.0

cpe:2.3:a:collectd:collectd:5.5.0
Collectd » Collectd » Version: 5.5.1

cpe:2.3:a:collectd:collectd:5.5.1
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Fedoraproject » Fedora » Version: 23

cpe:2.3:o:fedoraproject:fedora:23
Fedoraproject » Fedora » Version: 24

cpe:2.3:o:fedoraproject:fedora:24

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6254

Products

Pricing

Contact Us