CVE-2017-6543
published 2017-03-08CVE-2017-6543: Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to…
PriorityP335high7.3CVSS 3.0
AVLACLPRLUIRSUCHIHAH
EPSS
0.84%
53.3th percentile
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnu | binutils | >= 0 < 2.24-5ubuntu14.2+esm5 | 2.24-5ubuntu14.2+esm5 |
| gnu | binutils | >= 0 < 2.26.1-1ubuntu1~16.04.8+esm9 | 2.26.1-1ubuntu1~16.04.8+esm9 |
| gnu | binutils | >= 0 < 2.30-21ubuntu1~18.04.9+esm3 | 2.30-21ubuntu1~18.04.9+esm3 |
| tenable | appliance | — | — |
| tenable | nessus | <= 6.10.1 | — |
CVSS provenance
nvdv3.07.3HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.0MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:P
osv7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
binutils vulnerabilities
osv·2023-10-04·CVSS 7.8
CVE-2017-17122 binutils vulnerabilities
binutils vulnerabilities
It was discovered that GNU binutils was not properly performing checks
when dealing with memory allocation operations, which could lead to
excessive memory consumption. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2017-17122, CVE-2017-8421)
It was discovered that GNU binutils was not properly performing bounds
checks when processing debug sections with objdump, which could lead to
an overflow. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected Ubuntu
14.04 LTS. (CVE-2018-20671, CVE-2018-6543)
It was discovered that GNU binutils contained a reachable assertion, which
could lead to an intentional assertion failure when
GHSA
GHSA-qprc-f7qc-63gc: Tenable Nessus before 6
ghsa_unreviewed·2022-05-13
CVE-2017-6543 [HIGH] GHSA-qprc-f7qc-63gc: Tenable Nessus before 6
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows.
No detection rules found.
No public exploits indexed.
2017-03-08
Published