Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0193

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0193
Last Modified 06 Apr 2015 09:59:18
Published 06 May 2014 10:55:05
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0193

Summary

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

Vulnerable Systems

Application

  • Netty Project Netty 3.6.0

  • Netty Project Netty 3.6.1

  • Netty Project Netty 3.6.2

  • Netty Project Netty 3.6.3

  • Netty Project Netty 3.6.4

  • Netty Project Netty 3.6.5

  • Netty Project Netty 3.6.6

  • Netty Project Netty 3.6.7

  • Netty Project Netty 3.6.8

  • Netty Project Netty 3.7.0

  • Netty Project Netty 3.8.0

  • Netty Project Netty 3.8.1

  • Netty Project Netty 3.9.0

  • Netty Project Netty 4.0.0

  • Netty Project Netty 4.0.1

  • Netty Project Netty 4.0.10

  • Netty Project Netty 4.0.11

  • Netty Project Netty 4.0.12

  • Netty Project Netty 4.0.13

  • Netty Project Netty 4.0.14

  • Netty Project Netty 4.0.15

  • Netty Project Netty 4.0.16

  • Netty Project Netty 4.0.17

  • Netty Project Netty 4.0.18

  • Netty Project Netty 4.0.2

  • Netty Project Netty 4.0.3

  • Netty Project Netty 4.0.4

  • Netty Project Netty 4.0.5

  • Netty Project Netty 4.0.6

  • Netty Project Netty 4.0.7

  • Netty Project Netty 4.0.8

  • Netty Project Netty 4.0.9


References

CONFIRM - http://netty.io/news/2014/04/30/release-day.html

CONFIRM - https://github.com/netty/netty/issues/2441

BID - 67182

SECUNIA - 58280

REDHAT - RHSA-2014:1021

REDHAT - RHSA-2014:1020

REDHAT - RHSA-2014:1019

REDHAT - RHSA-2014:1351

REDHAT - RHSA-2015:0675

REDHAT - RHSA-2015:0720

REDHAT - RHSA-2015:0765


Last Updated: 27 May 2016 11:06:38