FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

leafnode -- denial of service vulnerability

Affected packages
leafnode < 1.11.3

Details

VuXML ID b5ffaa2a-ee50-4498-af99-61bc1b163c00
Discovery 2005-06-08
Entry 2005-06-09

Matthias Andree reports:

A vulnerability was found in the fetchnews program (the NNTP client) that may under some circumstances cause a wait for input that never arrives, fetchnews "hangs". [...]

As only one fetchnews program can run at a time, subsequently started fetchnews and texpire programs will terminate. [...]

Upgrade your leafnode package to version 1.11.3.

References

CVE Name CVE-2005-1911
FreeBSD PR ports/82056
Message 20050608215155.GB27234@merlin.emma.line.org
URL http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt