CVE-2008-0153
published 2008-01-09CVE-2008-0153: telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT…
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
13.12%
95.9th percentile
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which triggers a NULL pointer dereference.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pragma_systems | pragma_telnetserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2008-0596 cups: memory leak handling IPP browse requests
bugzilla·2008-02-21·CVSS 5.0
CVE-2008-0596 [MEDIUM] CVE-2008-0596 cups: memory leak handling IPP browse requests
CVE-2008-0596 cups: memory leak handling IPP browse requests
Whilst investigating a double-free issue in process_browse_data (Bug #433758) we
discovered that older versions of CUPS as shipped with Enterprise Linux 3 and 4
did not free the mime type allocated when a remote resource timed out.
A malicious user on the local subnet could send carefully crafted IPP packets to
the udp port in such a way as to consume memory and lead to a CUPS crash.
Discussion:
Lifting embargo.
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0153.html
http://rhn.redhat.com/errata/RHSA-2008-0161.html
---
Created attachment 312752
Patch as used in Red Hat Enterprise Linux 4 CUPS packages based on upstream 1.1.22rc1
Bugzilla
CVE-2008-0597 cups: dereference of free'd memory handling IPP browse requests
bugzilla·2008-02-21·CVSS 5.0
CVE-2008-0597 [MEDIUM] CVE-2008-0597 cups: dereference of free'd memory handling IPP browse requests
CVE-2008-0597 cups: dereference of free'd memory handling IPP browse requests
Whilst investigating a memory leak issue handling IPP browse requests (Bug
#433825) we discovered that older versions of CUPS as shipped with Enterprise
Linux 3 and 4 could end up derefencing free'd memory.
A malicious user on the local subnet could send a set of carefully crafted IPP
packets to the udp port in such a way as to cause CUPS to crash.
This issue doesn't affect recent upstream versions of CUPS as shipped in Red Hat
Enterprise Linux 5.
Discussion:
Lifting embargo.
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0153.html
http://rhn.redhat.com/errata/RHSA-2008-0161.html
---
Created attachment 312753
Patch as used in Red Hat Enterprise Linux 4
http://aluigi.altervista.org/adv/pragmatel-adv.txthttp://marc.info/?l=bugtraq&m=119947184730448&w=2http://www.securityfocus.com/bid/27143https://exchange.xforce.ibmcloud.com/vulnerabilities/39353http://aluigi.altervista.org/adv/pragmatel-adv.txthttp://marc.info/?l=bugtraq&m=119947184730448&w=2http://www.securityfocus.com/bid/27143https://exchange.xforce.ibmcloud.com/vulnerabilities/39353
2008-01-09
Published