Denial of Service Vulnerability in ntopng by ntop
CVE-2017-7458

7.5HIGH

Key Information:

Vendor: Ntop
Status: Ntopng
Vendor: CVE Published:; 26 June 2017

What is CVE-2017-7458?

A vulnerability in the NetworkInterface::getHost function within ntopng versions before 3.0 allows remote attackers to trigger a denial of service by submitting an empty field intended for a hostname or IP address, leading to a NULL pointer dereference and subsequent application crash.

References

https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399...

x_refsource_MISC

https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2017
Vulnerability Reserved
Apr 5, 2017

CVE-2017-7458 Data

JSON

Ntop

What is CVE-2017-7458?

References

CVSS V3.1

Timeline