PT-2005-2868 · Leafnode · Leafnode

Published

2005-06-08

Updated

2008-09-05

CVE-2005-1911

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions leafnode versions 1.11.2 and earlier

Description The issue concerns the fetchnews NNTP client, which can hang while waiting for input that never arrives. This allows remote NNTP servers to cause a denial of service, resulting in news loss.

Recommendations For leafnode versions 1.11.2 and earlier, consider updating to a version later than 1.11.2 to resolve the issue. As a temporary workaround, restrict access to the fetchnews NNTP client to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1911

Affected Products

Leafnode

PT-2005-2868 · Leafnode · Leafnode

CVE-2005-1911

Related Identifiers

Affected Products

References · 5