OpenSLP ‘SLPDProcessMessage()’ Function Double Free Denial of Service Vulnerability

Bugtraq ID: 76635 Class: Failure to Handle Exceptional Conditions CVE:

CVE-2015-5177 Remote: Yes Local: No Published: Aug 06 2015 12:00AM Updated: Aug 10 2018 10:00AM Credit: Qinghao Tang of QIHU 360 Vulnerable:

VMWare Esxi 6.7
VMWare Esxi 6.5
VMWare Esxi 6.0
VMWare ESXi 5.5
VMWare ESXi 5.1
VMWare ESXi 5.0
Ubuntu Ubuntu Linux 15.04
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
OpenSLP OpenSLP 1.2.1
IBM PowerKVM 2.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64 Not Vulnerable:

VMWare Esxi ESXi670-201806401-BG
VMWare Esxi ESXi650-201806401-BG
VMWare Esxi ESXi600-201806401-BG
VMWare Esxi ESXi550-201509101-SG
VMWare Esxi ESXi510-201510101-SG
VMWare Esxi ESXi500-201510101-SG
IBM PowerKVM 2.1.1 SP3
IBM PowerKVM 2.1.1 Build 65.1