Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4077

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-4077
Last Modified 29 Jan 2009 01:55:23
Published 15 Sep 2008 11:14:07
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4077

Summary

The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large Content-Length.

Vulnerable Systems

Application

  • Dws Systems Inc. Sql-ledger

  • Dws Systems Inc. Sql-ledger 2.2.0

  • Dws Systems Inc. Sql-ledger 2.2.1

  • Dws Systems Inc. Sql-ledger 2.2.2

  • Dws Systems Inc. Sql-ledger 2.2.3

  • Dws Systems Inc. Sql-ledger 2.2.4

  • Dws Systems Inc. Sql-ledger 2.2.5

  • Dws Systems Inc. Sql-ledger 2.2.6

  • Dws Systems Inc. Sql-ledger 2.2.7

  • Dws Systems Inc. Sql-ledger 2.4.0

  • Dws Systems Inc. Sql-ledger 2.4.1

  • Dws Systems Inc. Sql-ledger 2.4.10

  • Dws Systems Inc. Sql-ledger 2.4.11

  • Dws Systems Inc. Sql-ledger 2.4.12

  • Dws Systems Inc. Sql-ledger 2.4.13

  • Dws Systems Inc. Sql-ledger 2.4.14

  • Dws Systems Inc. Sql-ledger 2.4.15

  • Dws Systems Inc. Sql-ledger 2.4.16

  • Dws Systems Inc. Sql-ledger 2.4.2

  • Dws Systems Inc. Sql-ledger 2.4.3

  • Dws Systems Inc. Sql-ledger 2.4.4

  • Dws Systems Inc. Sql-ledger 2.4.5

  • Dws Systems Inc. Sql-ledger 2.4.6

  • Dws Systems Inc. Sql-ledger 2.4.7

  • Dws Systems Inc. Sql-ledger 2.4.8

  • Dws Systems Inc. Sql-ledger 2.4.9

  • Dws Systems Inc. Sql-ledger 2.6.1

  • Dws Systems Inc. Sql-ledger 2.6.10

  • Dws Systems Inc. Sql-ledger 2.6.11

  • Dws Systems Inc. Sql-ledger 2.6.12

  • Dws Systems Inc. Sql-ledger 2.6.13

  • Dws Systems Inc. Sql-ledger 2.6.14

  • Dws Systems Inc. Sql-ledger 2.6.15

  • Dws Systems Inc. Sql-ledger 2.6.16

  • Dws Systems Inc. Sql-ledger 2.6.17

  • Dws Systems Inc. Sql-ledger 2.6.18

  • Dws Systems Inc. Sql-ledger 2.6.2

  • Dws Systems Inc. Sql-ledger 2.6.27

  • Dws Systems Inc. Sql-ledger 2.6.3

  • Dws Systems Inc. Sql-ledger 2.6.4

  • Dws Systems Inc. Sql-ledger 2.6.5

  • Dws Systems Inc. Sql-ledger 2.6.6

  • Dws Systems Inc. Sql-ledger 2.6.7

  • Dws Systems Inc. Sql-ledger 2.6.8

  • Dws Systems Inc. Sql-ledger 2.6.9

  • Ledgersmb

  • Ledgersmb 1.0.0

  • Ledgersmb 1.1.0

  • Ledgersmb 1.1.1

  • Ledgersmb 1.1.5

  • Ledgersmb 1.1.8

  • Ledgersmb 1.2.0

  • Ledgersmb 1.2.1

  • Ledgersmb 1.2.10

  • Ledgersmb 1.2.11

  • Ledgersmb 1.2.12

  • Ledgersmb 1.2.13

  • Ledgersmb 1.2.14

  • Ledgersmb 1.2.2

  • Ledgersmb 1.2.3

  • Ledgersmb 1.2.4

  • Ledgersmb 1.2.5

  • Ledgersmb 1.2.6

  • Ledgersmb 1.2.7

  • Ledgersmb 1.2.8

  • Ledgersmb 1.2.9

  • Sql-ledger

  • Sql-ledger 2.4.10

  • Sql-ledger 2.4.11

  • Sql-ledger 2.4.12

  • Sql-ledger 2.4.13

  • Sql-ledger 2.4.14

  • Sql-ledger 2.4.15

  • Sql-ledger 2.4.16

  • Sql-ledger 2.4.4

  • Sql-ledger 2.4.5

  • Sql-ledger 2.4.6

  • Sql-ledger 2.4.7

  • Sql-ledger 2.4.8

  • Sql-ledger 2.4.9

  • Sql-ledger 2.6.0

  • Sql-ledger 2.6.1

  • Sql-ledger 2.6.10

  • Sql-ledger 2.6.11

  • Sql-ledger 2.6.12

  • Sql-ledger 2.6.13

  • Sql-ledger 2.6.14

  • Sql-ledger 2.6.15

  • Sql-ledger 2.6.16

  • Sql-ledger 2.6.17

  • Sql-ledger 2.6.18

  • Sql-ledger 2.6.19

  • Sql-ledger 2.6.2

  • Sql-ledger 2.6.20

  • Sql-ledger 2.6.21

  • Sql-ledger 2.6.22

  • Sql-ledger 2.6.23

  • Sql-ledger 2.6.24

  • Sql-ledger 2.6.25

  • Sql-ledger 2.6.26

  • Sql-ledger 2.6.27

  • Sql-ledger 2.6.3

  • Sql-ledger 2.6.4

  • Sql-ledger 2.6.5

  • Sql-ledger 2.6.6

  • Sql-ledger 2.6.7

  • Sql-ledger 2.6.8

  • Sql-ledger 2.6.9

  • Sql-ledger 2.8.0

  • Sql-ledger 2.8.1

  • Sql-ledger 2.8.10

  • Sql-ledger 2.8.11

  • Sql-ledger 2.8.12

  • Sql-ledger 2.8.13

  • Sql-ledger 2.8.14

  • Sql-ledger 2.8.15

  • Sql-ledger 2.8.16

  • Sql-ledger 2.8.17

  • Sql-ledger 2.8.2

  • Sql-ledger 2.8.3

  • Sql-ledger 2.8.4

  • Sql-ledger 2.8.5

  • Sql-ledger 2.8.6

  • Sql-ledger 2.8.7

  • Sql-ledger 2.8.8

  • Sql-ledger 2.8.9


References

BID - 31109

XF - ledgersmb-contentlength-dos(45033)

BUGTRAQ - 20080910 Multiple Vulnerabilities: LedgerSMB < 1.2.15

CONFIRM - http://www.ledgersmb.org/node/70

SREASON - 4250

SECUNIA - 31843


Last Updated: 27 May 2016 10:48:22