CVE-2016-5017

CWE-119Buffer OverflowCWE-122Heap-based Buffer Overflow10 documents8 sources
Severity
8.1HIGH
EPSS
6.1%
top 9.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Zookeeper
Timeline
PublishedSep 21
Latest updateMay 13

Description

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages3 packages

NVDapache/zookeeper3.4.8+3
Debianzookeeper< 3.4.9-1+3
Ubuntuzookeeper< 3.4.5+dfsg-1ubuntu0.1~esm1+1

🔴Vulnerability Details

4
GHSA
GHSA-85r2-fvq8-6xw9: Buffer overflow in the C cli shell in Apache Zookeeper before 32022-05-13
OSV
zookeeper vulnerabilities2021-03-15
CVEList
CVE-2016-5017: Buffer overflow in the C cli shell in Apache Zookeeper before 32016-09-21
OSV
CVE-2016-5017: Buffer overflow in the C cli shell in Apache Zookeeper before 32016-09-21

📋Vendor Advisories

3
Ubuntu
Apache ZooKeeper vulnerabilities2021-03-15
Red Hat
zookeeper: Buffer overflow vulnerability in C cli shell2016-09-16
Debian
CVE-2016-5017: zookeeper - Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x be...2016

💬Community

2
Bugzilla
CVE-2016-5017 zookeeper: Buffer overflow vulnerability in C cli shell2016-09-19
Bugzilla
CVE-2016-5017 zookeeper: Buffer overflow vulnerability in C cli shell [fedora-all]2016-09-19
CVE-2016-5017 (HIGH CVSS 8.1) | Buffer overflow in the C cli shell | cvebase.io