Info

Disclosure

Nov 30, 2005

Discovery

Unknown

Dates

Exploit

Nov 30, 2005

Solution

Unknown

Description

Centericq contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a zero length packet to the Centericq client, and will result in loss of availability for Centericq.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to version 4.21.0-r1 or higher, as it has been reported to fix this vulnerability. In addition, various Linux distributions have released patches for some older versions.

Products

Konstantin Klyagin

Centericq

4.20.0-r3

References

Secunia Advisory ID: 17798 17818 18081
CVE ID: 2005-3694 (see also: NVD)
ISS X-Force ID: 23327
Vendor URL: http://thekonst.net/en/centericq
Other Advisory URL: http://www.debian.org/security/2005/dsa-912
http://www.gentoo.org/security/en/glsa/glsa-200512-11.xml

Credit

Wernfried Haas -

Direct URL: http://osvdb.org/21270