In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing arbitrary PIDs to that file, the smokeping user can cause a denial of service to arbitrary PIDs when the service is stopped.
References
Link | Resource |
---|---|
https://bugs.gentoo.org/631140 | Exploit Issue Tracking Third Party Advisory |
https://security.gentoo.org/glsa/202209-08 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-09-20 18:15
Updated : 2024-02-28 19:29
NVD link : CVE-2017-20147
Mitre link : CVE-2017-20147
CVE.ORG link : CVE-2017-20147
JSON object : View
Products Affected
smokeping
- smokeping
CWE