Security Advisory

CVE-2020-17467

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-11 22:36:31

Last updated 2024-08-04 13:53:17

Assigner mitre

State PUBLISHED

Description

An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesnt check for 0 termination. Therefore, the deduced length of the hostname doesnt reflect the correct length of the actual data. This may lead to Information Disclosure in _fnet_llmnr_poll in fnet_llmnr.c during a response to a malicious request of the DNS class IN.

← Browse all CVEs View on cve.org ↗