KpyM Telnet Server Can Be Crashed By a Remote Connection Flood
|
|
SecurityTracker Alert ID: 1008619
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jan 6 2004
|
Impact: Denial of service via network
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Version(s): 1.05 and prior versions
|
Description: A denial of service vulnerability was reported in the KpyM Telnet Server. A remote user can cause the service to crash.
NoRpiUs reported that a remote user can create many connections to the server to cause the telnet service to crash. The report indicates
that the software marks a terminated connection as free before all elements of the connection are actually terminated.
|
Impact: A remote user can cause the telnet service to crash.
|
Solution: The vendor has released a fixed version (1.06), available at:
http://kpym.sourceforge.net/#4
|
Vendor URL: kpym.sourceforge.net/ (Links to External Site)
|
Cause: Resource error, State error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
