Apache ZooKeeper is vulnerable to a buffer overflow, caused by improper bounds checking by the C client shells “cli_st” and “cli_mt”. By sending an overly long command, a attacker could overflow a buffer and execute arbitrary code on the system.
CVE(s): CVE-2016-5017
Affected product(s) and affected version(s):
IBM eDiscovery Analyzer 2.2.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jXllvg
X-Force Database: http://ift.tt/2kVskST
from IBM Product Security Incident Response Team http://ift.tt/2jXz59l
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.