SecurityTracker.com Archives - LinuxDC++ Lets Remote Users Deny Service By Sending an Empty Private Message

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker Alert ID: 1020410

SecurityTracker URL: http://securitytracker.com/id?1020410

CVE Reference: CVE-2008-2954 (Links to External Site)

Date: Jul 2 2008

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 1.0.1 and prior versions

Description: A vulnerability was reported in LinuxDC++. A remote user can cause denial of service conditions.

A remote user can send an empty private message to cause the target service to crash.

Impact: A remote user can cause the target service to crash.

Solution: The vendor has issued a source code fix.

The vendor's advisory is available at:

http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp/Changelog.txt.diff?r1=1.169&r2=1.170

Vendor URL: linuxdcpp.berlios.de/ (Links to External Site)

Cause: Boundary error

Underlying OS: Linux (Any)

Message History: None.

Date: Tue, 1 Jul 2008 22:13:22 -0400
Subject: LinuxDC++

 
 
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp/Changelog.txt
 
CVE-2008-2954

Home | View Topics | Search | Contact Us | Help
Copyright 2007, SecurityGlobal.net LLC