Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[VulnWatch] leafnode security announcement leafnode-SA-2005-01

from [Matthias Andree] Network Security [Permanent Link]
Subject: [VulnWatch] leafnode security announcement leafnode-SA-2005-01
Date: Wed, 4 May 2005 17:23:11 +0200 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

leafnode-SA-2005:01.fetchnews-crashes-on-timeout

Topic:          potential denial of service in leafnode

Announcement:   leafnode-SA-2005:01
Writer:         Matthias Andree
Version:        1.00
Announced:      2005-05-04
Category:       main
Type:           potential denial of service
Impact:         fetchnews crashes, some servers not queried
Danger:         low
                - malicious upstream server can easily be unlisted
CVE Name:       requested from FreeBSD CNA, for updates, please
                see <http://leafnode.sourceforge.net/security.shtml>

Affects:        leafnode versions 1.9.48 to 1.11.1 inclusively

Not affected:   leafnode 1.11.2

Default install: affected.

Corrected:      2005-05-04 10:09 UTC (CVS) - committed corrected version
                2005-05-04                   leafnode 1.11.2 released

0. Release history

2005-05-04      1.00 initial announcement

1. Background

leafnode is a store-and-forward proxy for Usenet news, is uses the
network news transfer protocol (NNTP). It consists of several
collaborating programs, the server part is usually started by inetd,
xinetd or tcpserver, the client part is usually started by cron or
manually.

This security announcement pertains to leafnode-1, the stable branch.

The leafnode-2 development branch has not yet seen a stable release, so
it is not subject to security announcements.

2. Problem description

Two vulnerabilities were found in the fetchnews program (the NNTP
client). These can cause the fetchnews program to crash when the
upstream server closes the connection while leafnode is receiving (1) an
article header, or (2) an article body.

3. Impact

A malicious upstream server that purposefully drops the connection after
fetchnews has requested an article header or body can prevent fetchnews
from ever querying other servers that are listed after the malicious
server in the configuration file.

4. Workaround

Comment out all configuration pertaining to the malicious server.

Note that this is not a full solution as transient network errors can
also cause delays in querying other network servers, and it requires
manual intervention to find out which server is malicious.

5. Solution

Upgrade your leafnode package to version 1.11.2.
leafnode 1.11.2 is available from SourceForge:
<http://sourceforge.net/project/showfiles.php?group_id=57767>

Leafnode 1.X versions are deemed stable, and it is usually best to go
for the latest released 1.X version to have all the other bug fixes as
well.

A. References

leafnode home page: <http://leafnode.sourceforge.net/>

END OF leafnode-SA-2005:01.fetchnews-crashes-on-timeout
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCeOjfvmGDOQUufZURAmX8AKCjHNY0If1VSN+Sedr8l1MFapRuowCff7mV
EPQD1WBDzBMgmNCYVZjJz7M=
=ObqW
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [VulnWatch] leafnode security announcement leafnode-SA-2005-01, Matthias Andree <=
Previous by Date:  RE: [Full-disclosure] Microsoft Windows Image Rendering Memory Limit DoS, Luis A. Cortes Zavala
Next by Date:  [Full-disclosure] Port 1025 netvenuechat, Sherwyn Williams
Previous by Thread:  [VulnWatch] Local root vuln in VPN daemon on MacOS X, Pieter de Boer
Next by Thread:  [Full-disclosure] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept), khaalel
Indexes:  [Date] [Thread] [Top] [All Lists]