[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] HAVP 0.89 fixes a crash
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2008-08-14 21:01:57
Message-ID: Pine.GSO.4.51.0808141701471.17005 () faron ! mitre ! org
[Download RAW message or body]


======================================================
Name: CVE-2008-3688
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3688
Reference: MLIST:[havp-devel] 20080715 Infinite loop which causes havp to block completely
Reference: URL:https://sourceforge.net/mailarchive/message.php?msg_name=487CDF51.5060201%40endian.com
Reference: CONFIRM:http://www.server-side.de/index.htm

sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote
attackers to cause a denial of service (hang) by connecting to a
non-responsive server, which triggers an infinite loop due to an
uninitialized variable.


[prev in list] [next in list] [prev in thread] [next in thread]