Gentoo: 200301-2 Critical: Leafnode NNTPD Denial Of Service
gentoo
January 2, 2003
This vulnerability can make leafnode's nntpd server, named leafnode, go into an unterminated loop when a particular article is requested.
Summary
- -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200301-2 - -------------------------------------------------------------------- DATE : 2003-01-02 11:01 UTC
- --------------------------------------------------------------------
From leafnode advisory:
"This vulnerability can make leafnode's nntpd server, named leafnode, go into an unterminated loop when a particular article is requested. The connection becomes irresponsive, and the server hogs the CPU. The client will have to terminate the connection and connect again, and may fall prey to the same problem; ultimately, there may be so many leafnode processes hogging the CPU that no serious work is possible any more and the super user has to kill all running leafnode processes."
Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=104127108823436&w=2
SOLUTION
It is recommended that all Gentoo Linux users who are running new-news/leafnode-1.9.24 or e...Read the Full Advisory
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
PACKAGE : leafnode
SUMMARY : denial of service
EXPLOIT : local and remote
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!