VDB
CVE-2017-5969
CVE-2017-5969
PUBLISHED
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
EPSS 3.51% · 87.9th percentile
Risk Scores
EPSS Score
3.51%
87.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | libxml2 | 0, 2.9.2+zdfsg1-4, 2.9.2+zdfsg1-4ubuntu1 |
| Ubuntu:Pro:14.04:LTS | libxml2 | 2.9.1+dfsg1-3ubuntu4, 2.9.1+dfsg1-3ubuntu4.1, 2.9.1+dfsg1-3ubuntu4.2 |
Exploit Intelligence
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) (hackerone)
- CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) (hackerone)
- CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) (hackerone)
…and 15 more exploits
Timeline
- CVE Published
- Oct 4, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 21, 2025 EPSS Score
- Mar 26, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 31, 2025 EPSS Score
- Apr 6, 2025 EPSS Score
- Apr 7, 2025 EPSS Score
- Apr 12, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-5969 third-party-advisory
- http://www.openwall.com/lists/oss-security/2016/11/05/3 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-5969 third-party-advisory