oss-sec mailing list archives
Re: HAVP 0.89 fixes a crash
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 14 Aug 2008 17:01:57 -0400 (EDT)
====================================================== Name: CVE-2008-3688 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3688 Reference: MLIST:[havp-devel] 20080715 Infinite loop which causes havp to block completely Reference: URL:https://sourceforge.net/mailarchive/message.php?msg_name=487CDF51.5060201%40endian.com Reference: CONFIRM:http://www.server-side.de/index.htm sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of service (hang) by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable.
Current thread:
- HAVP 0.89 fixes a crash Raphael Marichez (Aug 14)
- Re: HAVP 0.89 fixes a crash Steven M. Christey (Aug 14)