CVE-2018-10932

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-10932

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10932.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-10932

Related

Published

2018-08-21T18:29:00Z

Modified

2024-06-30T12:01:22Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.

References

Affected packages

Debian:11 / lldpad

Package

Name: lldpad
Purl: pkg:deb/debian/lldpad?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1+git20180808.4e642bd-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / lldpad

Package

Name: lldpad
Purl: pkg:deb/debian/lldpad?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1+git20180808.4e642bd-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / lldpad

Package

Name: lldpad
Purl: pkg:deb/debian/lldpad?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1+git20180808.4e642bd-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/intel/openlldp

Affected ranges

Type: GIT
Repo: https://github.com/intel/openlldp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

62e50fc0d03a0e4a8fc31d638947f1375f837e8e