The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | smi-s_provider | - |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_server | 12 |
| vmware | esxi | * |
| service_location_protocol_project | service_location_protocol | - |
| suse | manager_server | - |
| suse | linux_enterprise_server | 15 |