Denial of Service Vulnerability in Linux DC++ by Developer NmdcHub
CVE-2008-2954

Currently unrated

Key Information:

Vendor
Linux
Status
Direct Connect
Vendor
CVE Published:
1 July 2008

Summary

A vulnerability in Linux DC++ allows remote attackers to trigger a denial of service condition by sending an empty private message. This results in an out-of-bounds read, which can cause the application to crash. Users are advised to upgrade to the latest version to mitigate this risk. The flaw affects versions prior to 0.707, and system administrators should ensure their installations are updated to protect against potential exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43566
vdb-entryx_refsource_XF
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linux...
x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-2954 : Denial of Service Vulnerability in Linux DC++ by Developer NmdcHub | SecurityVulnerability.io