oss-sec mailing list archives
Re: Two remote DoS issues in linuxdcpp
From: Robert Buchholz <rbu () gentoo org>
Date: Wed, 2 Jul 2008 02:03:36 +0200
On Tuesday 01 July 2008, Steven M. Christey wrote:
====================================================== Name: CVE-2008-2953 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953 Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=60861 2&group_id=40287 Reference: CONFIRM:http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp /client/ShareManager.cpp.diff?r1=1.14&r2=1.15&sortby=date Reference: SECUNIA:30812 Reference: URL:http://secunia.com/advisories/30812 Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.
That Secunia advisory is actually for the Windows version of DC++, which has a different versioning. I think you might want to expand that in the description. Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- Re: Two remote DoS issues in linuxdcpp Steven M. Christey (Jul 01)
- Re: Two remote DoS issues in linuxdcpp Robert Buchholz (Jul 01)