---

CVE-2015-8011 - log back

CVE-2015-8011 edited at 14 Jan 2021 21:58:22

References

https://www.openwall.com/lists/oss-security/2015/10/16/2 + https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2 https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html - https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2 + https://github.com/openvswitch/ovs/pull/335 + https://github.com/openvswitch/ovs/commit/ec51fc90669e5fe1a2096581296d55b3acda6711

CVE-2015-8011 edited at 14 Jan 2021 21:48:31
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
References	+ https://www.openwall.com/lists/oss-security/2015/10/16/2 + https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html + https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
Notes

CVE-2015-8011 created at 14 Jan 2021 21:45:31