CVE-2017-6318
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
| Software | From | Fixed in |
|---|---|---|
| opensuse / leap | 42.1 | 42.1.x |
| sane-backends_project / sane-backends | 1.0.25 | 1.0.25.x |
- http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035054.html
- http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035059.html
- http://lists.opensuse.org/opensuse-updates/2017-03/msg00016.html
- http://www.securityfocus.com/bid/97028
- https://alioth.debian.org/tracker/index.php?func=detail&aid=315576
- https://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html
- https://usn.ubuntu.com/4470-1/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime