CVE-2004-1918

Name of the Vulnerable Software and Affected Versions RSniff version 1.0

Description The issue allows remote attackers to cause a denial of service, specifically connection exhaustion, by establishing a large number of connections with a command other than AUTHENTICATE, or without any data. This prevents the socket from being closed properly.

Recommendations For RSniff version 1.0, consider implementing a mechanism to limit the number of concurrent connections and properly handle socket closure to prevent connection exhaustion. As a temporary workaround, consider restricting access to the service to minimize the risk of exploitation.