Technical Advisory: Mosquitto Broker DoS through a Memory Leak vulnerability
Vendor: Eclipse MosquittoVendor URL: https://mosquitto.org/Versions affected: <= 1.4.15Systems Affected: Mosquitto BrokerAuthor: Daniel Romero – daniel.romero[at]nccgroup[dot]trustAdvisory URL / CVE Identifier: CVE-2017-7654Risk: High (The memory leak vulnerability can lead to a Denial of Service) Summary A Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial […]