FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

leafnode fetchnews denial-of-service triggered by missing header

Affected packages
1.9.3 <= leafnode <= 1.9.41

Details

VuXML ID 7b0208ff-3f65-4e16-8d4d-48fd9851f085
Discovery 2003-06-20
Entry 2004-05-21
Modified 2005-05-13

Fetchnews could hang when a news article to be downloaded lacked one of the mandatory headers. Found by Joshua Crawford.

References

Bugtraq ID 8541
CVE Name CVE-2003-0744
FreeBSD PR ports/53838
Message 20030904011904.GB12350@merlin.emma.line.org
Message 20030904011904.GB12350@merlin.emma.line.org
URL http://leafnode.sourceforge.net/leafnode-SA-2003-01.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.