CVE-2004-0604

3 documents3 sources

Severity

5.0MEDIUM

EPSS

1.3%

top 20.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gentoo Linux Gift-fasttrack Gift-fasttrack

Timeline

PublishedDec 6

Latest updateApr 29

Description

The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDgift-fasttrack/gift-fasttrack7 versions+6

▶NVDgentoo/linux1.4

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-g5h7-crcc-v46p: The HTTP client and server in giFT-FastTrack 0↗2022-04-29

▶

CVEList

CVE-2004-0604: The HTTP client and server in giFT-FastTrack 0↗2004-06-30

▶