CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-6384

Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

http://www.securityfocus.com/bid/96552
https://github.com/atheme/atheme/pull/539
https://github.com/atheme/atheme/releases/tag/v7.2.8
http://www.securityfocus.com/bid/96552
https://github.com/atheme/atheme/pull/539
https://github.com/atheme/atheme/releases/tag/v7.2.8

Products affected by CVE-2017-6384

Atheme » Atheme » Version: 7.2.7

cpe:2.3:a:atheme:atheme:7.2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6384

Products

Pricing

Contact Us