Fluid Attacks Database

Description

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	zookeeper	>=0 <3.4.9-1	3.4.9-1
debian 14	zookeeper	>=0 <3.4.9-1	3.4.9-1
debian 12	zookeeper	>=0 <3.4.9-1	3.4.9-1
debian 11	zookeeper	>=0 <3.4.9-1	3.4.9-1

Aliases

1. CVE-2016-50172. NVD-2016-50173. OSV-DEBIAN-2016-50174. OSV-2016-50175. SECURITY-TRACKER-CVE-2016-5017

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.