Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3688

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3688
Last Modified 06 Feb 2009 01:58:02
Published 14 Aug 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3688

Summary

sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of service (hang) by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable.

Vulnerable Systems

Application

  • Havp 0.88

  • Havp Http Antivirus Proxy 0.88


References

MLIST - [havp-devel] 20080715 Infinite loop which causes havp to block completely

XF - havp-sockethandler-dos(44467)

CONFIRM - http://www.server-side.de/index.htm

SECTRACK - 1020900

BID - 30697

GENTOO - GLSA-200809-11

SECUNIA - 31971

SECUNIA - 31494


Last Updated: 27 May 2016 10:48:16