admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-41660.md

19 lines
992 B
Markdown
Raw Normal View History

Update CVE sources 2024-08-18 19:26
2024-08-18 19:26:37 +00:00
### [CVE-2024-41660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41660)
![](https://img.shields.io/static/v1?label=Product&message=slpd-lite&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20all%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen)
### Description
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon on the BMC. Patches will be available in the latest openbmc/slpd-lite repository.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/tanjiti/sec_profile
Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
- https://github.com/tylzars/awesome-vrre-writeups
Update CVE sources 2024-08-18 19:26
2024-08-18 19:26:37 +00:00
Reference in New Issue Copy Permalink