CVE-2001-0683 — Missing Release of Memory after Effective Lifetime in Collabra Server

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 26.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netscape Collabra Server

Timeline

PublishedSep 20

Latest updateApr 30

Description

Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnetscape/collabra_server3.5.4

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-qgc4-q259-hqvf: Memory leak in Netscape Collabra Server 3↗2022-04-30

▶

CVEList

CVE-2001-0683: Memory leak in Netscape Collabra Server 3↗2001-08-29

▶