CVE-2017-7401

collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.

La interacción incorrecta de las funciones parse_packet() y parse_part_sign_sha256() en network.c en collectd 5.7.1 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) de una instancia collectd (configurada con opciones "SecurityLevel None" y con empty "AuthFile") a través de un paquete UDP manipulado.

collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and empty "AuthFile" options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-04-03 CVE Reserved
2017-04-03 CVE Published
2023-03-07 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CAPEC

References (7)

URL	Tag	Source
http://www.securityfocus.com/bid/97321	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/collectd/collectd/issues/2174	2019-10-03

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2017:1285	2019-10-03
https://access.redhat.com/errata/RHSA-2017:1787	2019-10-03
https://access.redhat.com/errata/RHSA-2018:2615	2019-10-03
https://access.redhat.com/security/cve/CVE-2017-7401	2018-09-04
https://bugzilla.redhat.com/show_bug.cgi?id=1439674	2018-09-04

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Collectd Search vendor "Collectd"		Collectd Search vendor "Collectd" for product "Collectd"				<= 5.7.1 Search vendor "Collectd" for product "Collectd" and version " <= 5.7.1"		-		Affected