Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2068

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2068
Last Modified 05 Sep 2008 04:43:07
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2068

Summary

fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an emptry NNTP news article with missing mandatory headers.

Vulnerable Systems

Application

  • Leafnode 1.9.25

  • Leafnode 1.9.26

  • Leafnode 1.9.27

  • Leafnode 1.9.28

  • Leafnode 1.9.29

  • Leafnode 1.9.30

  • Leafnode 1.9.31

  • Leafnode 1.9.32

  • Leafnode 1.9.33

  • Leafnode 1.9.34

  • Leafnode 1.9.35

  • Leafnode 1.9.36

  • Leafnode 1.9.37

  • Leafnode 1.9.38

  • Leafnode 1.9.39

  • Leafnode 1.9.40

  • Leafnode 1.9.41

  • Leafnode 1.9.42

  • Leafnode 1.9.43

  • Leafnode 1.9.44

  • Leafnode 1.9.45

  • Leafnode 1.9.46

  • Leafnode 1.9.47


References

SECUNIA - 10590

CONFIRM - http://leafnode.sourceforge.net/leafnode-SA-2004-01.txt

XF - leafnode-fetchnews-nntp-dos(14189)

OSVDB - 3441

VULNWATCH - 20040109 leafnode -1.9.47 security announcement SA-2004-01


Last Updated: 27 May 2016 10:39:18