| Vulnerability Name: | CVE-2005-2024 (CCN-21046) | ||||||||
| Assigned: | 2005-06-17 | ||||||||
| Published: | 2005-06-17 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "certain malformed headers" such as Content-Type. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MISC Type: Patch, Vendor Advisory http://bugs.gentoo.org/show_bug.cgi?id=95492 Source: MITRE Type: CNA CVE-2005-2024 Source: CCN Type: Razor-agents Download Web site Select a mirror for file: razor/razor-agents 2.72.tar.gz Source: CCN Type: Razor-agents Web site Vipul's Razor: home Source: GENTOO Type: Patch, Vendor Advisory GLSA-200506-17 Source: CONFIRM Type: Patch, Vendor Advisory http://sourceforge.net/mailarchive/forum.php?thread_id=7520323&forum_id=4259 Source: DEBIAN Type: UNKNOWN DSA-738 Source: DEBIAN Type: DSA-738 razor -- remote denial of service Source: CCN Type: GLSA-200506-17 SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability Source: SUSE Type: UNKNOWN SUSE-SA:2005:035 Source: BID Type: Patch, Vendor Advisory 13984 Source: CCN Type: BID-13984 Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerabilities Source: XF Type: UNKNOWN razor-agents-html-messages-dos(21046) Source: SUSE Type: SUSE-SA:2005:035 razor-agents: denial of service attack | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2005-2024 (CCN-21047) | ||||||||
| Assigned: | 2005-06-17 | ||||||||
| Published: | 2005-06-17 | ||||||||
| Updated: | 2005-06-17 | ||||||||
| Summary: | Razor-agents is vulnerable to a denial of service attack, caused by a vulnerability in the discovery logic. A remote attacker can send a specially-crafted HTML message, causing discovery logic to fail and enter into an infinite loop, resulting in a denial of service. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2024 Source: CCN Type: Razor-agents Download Web site Select a mirror for file: razor/razor-agents 2.72.tar.gz Source: CCN Type: Razor-agents Web site Vipul's Razor: home Source: DEBIAN Type: DSA-738 razor -- remote denial of service Source: CCN Type: GLSA-200506-17 SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability Source: CCN Type: BID-13984 Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerabilities Source: XF Type: UNKNOWN razor-agents-infinite-loop-dos(21047) | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||