MidnightBSD

Advisories for service_location_protocol_project

CVE-2023-29552

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

Products Affected

Vendor Product Version
netapp smi-s_provider -
suse linux_enterprise_server 11
suse linux_enterprise_server 12
vmware esxi *
service_location_protocol_project service_location_protocol -
suse manager_server -
suse linux_enterprise_server 15