Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2953

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2953
Last Modified 14 Apr 2009 01:33:06
Published 01 Jul 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2953

Summary

Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.

Vulnerable Systems

Application

  • Linux Direct Connect 0.686

  • Linux Direct Connect 0.699

  • Linux Direct Connect 0.700

  • Linux Direct Connect 0.701

  • Linux Direct Connect 0.702

  • Linux Direct Connect 0.703

  • Linux Direct Connect 0.704

  • Linux Direct Connect 0.705

  • Linux Direct Connect 0.706


References

FEDORA - FEDORA-2008-6038

FEDORA - FEDORA-2008-6018

XF - dc-partialfilelist-dos(43341)

SECTRACK - 1020408

SECTRACK - 1020407

BID - 29924

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=608612&group_id=40287

SECUNIA - 30918

SECUNIA - 30907

SECUNIA - 30812

CONFIRM - http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp/client/ShareManager.cpp.diff?r1=1.14&r2=1.15&sortby=date


Last Updated: 27 May 2016 10:48:02