giFT-FastTrack Null Pointer Dereference Lets Remote Users Crash the giFT Daemon
|
|
SecurityTracker Alert ID: 1010580
|
|
SecurityTracker URL: http://securitytracker.com/id?1010580
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jun 25 2004
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 0.8.6 and prior versions
|
Description: A vulnerability was reported in giFT-FastTrack. A remote user can cause denial of service conditions.
The vendor reported that a remote user can cause the giFT daemon to crash. The crash is reportedly caused by a null pointer dereference.
The vendor credits Alan F with reporting this flaw.
|
Impact: A remote user can cause the giFT daemon to crash.
|
Solution: The vendor has released a fixed versin (0.8.7), available at:
http://developer.berlios.de/project/showfiles.php?group_id=809
|
Vendor URL: gift-fasttrack.berlios.de/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Fri, 25 Jun 2004 00:53:20 -0400
Subject: http://gift-fasttrack.berlios.de/
|
http://gift-fasttrack.berlios.de/
> Important notice: A remote denial of service attack has been discovered in version 0.8.6
> and prior. Even though no code execution is possible it is recommended that you update
> to 0.8.7 as soon as possible. Thanks to Alan F for bringing this to our attention.
|
|
