Note:
This project will be discontinued after December 13, 2021. [more]
2017-06-26
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.
Products | Ntopng |
Type | NULL Pointer Dereference (CWE-476) |
First patch |
https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f |
Relevant file/s |
• ./src/Lua.cpp (modified, +2, -1)
• ./src/NetworkInterface.cpp (modified, +2) |
Links | https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: