PT-2004-1443 · Signaturedb · Signaturedb

Lynx

Published

2004-03-18

Updated

2017-07-11

CVE-2004-0289

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions SignatureDB version 0.1.1

Description A buffer overflow issue exists in the sdbscan component of SignatureDB, allowing local users to cause a denial of service, resulting in a segmentation fault. This can be achieved by providing a database file that contains a large key parameter.

Recommendations For SignatureDB version 0.1.1, consider restricting access to the sdbscan component until a patch is available to prevent potential denial of service attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0289

Affected Products

Signaturedb

PT-2004-1443 · Signaturedb · Signaturedb

CVE-2004-0289

Related Identifiers

Affected Products

References · 4