Info

Disclosure

May 10, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

efFingerD contains a flaw that may allow a remote denial of service. The issue is triggered by sending a malformed packet containing only a single byte of data, and will result in loss of availability for the daemon.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, dr_insane has released a patch to address this vulnerability.

Products

Evan Sims

efFingerD

0.2.12

References

Other Solution URL: http://members.lycos.co.uk/r34ct/main/fixes/effingerd/binary/ http://members.lycos.co.uk/r34ct/main/fixes/effingerd/source/
Secunia Advisory ID: 11573
CVE ID: 2004-2273 (see also: NVD)
Related OSVDB ID: 5991
Other Advisory URL: http://members.lycos.co.uk/r34ct/main/efFingerD.txt
Vendor URL: https://sourceforge.net/projects/effingerd/

Credit

Dr_insane - dr_insanepathfinder.gr - Personal Page

Direct URL: http://osvdb.org/5992