Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2391

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-2391
Last Modified 29 Jan 2009 01:49:57
Published 21 May 2008 09:24:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2391

Summary

SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.

Vulnerable Systems

Application

  • Codeplex Subsonic


References

BUGTRAQ - 20080519 DoS attacks using SQL Wildcards - White Paper

MISC - http://www.portcullis-security.com/uplds/wildcard_attacks.pdf

MISC - http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112

SREASON - 3898

XF - subsonic-pagesize-dos(42562)


Last Updated: 27 May 2016 10:47:51