CVE-2007-4136

7 documents5 sources
Severity
5.0MEDIUM
EPSS
1.2%
top 21.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Conga
Timeline
PublishedNov 14
Latest updateMay 1

Description

The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDredhat/conga0.10.0

Patches

Patch: rhn.redhat.comPatch: securitytracker.comPatch: rhn.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-6v59-3wh4-8h9q: The ricci daemon in Red Hat Conga 02022-05-01
CVEList
CVE-2007-4136: The ricci daemon in Red Hat Conga 02007-11-14

📋Vendor Advisories

2
Red Hat
postgresql: SQL privilege escalation via modifications to session-local state2009-12-14
Red Hat
ricci is vulnerable to a connect DoS attack2007-10-31

💬Community

1
Bugzilla
CVE-2007-4136 ricci is vulnerable to a connect DoS attack2007-10-17
CVE-2007-4136 (MEDIUM CVSS 5) | The ricci daemon in Red Hat Conga 0 | cvebase.io