CVE-2002-2124

Name of the Vulnerable Software and Affected Versions: nylon version 0.2

Description: The issue concerns the recvn and sendn functions, which do not properly handle the case when the recv function call returns 0. This oversight allows remote attackers to trigger a denial of service by closing the connection during the execution of recv, resulting in an infinite loop and excessive CPU consumption.

Recommendations: For nylon version 0.2, consider modifying the recvn and sendn functions to correctly handle the case when the recv function call returns 0, thus preventing the infinite loop and CPU consumption. As a temporary workaround, consider implementing a timeout or a mechanism to detect and handle closed connections to minimize the risk of exploitation.