CVE-2008-2953

Published: Jul 1, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.

Affected (9)

Products: Linux: Direct Connect

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Linux Direct Connect	Version 0.686
Linux Direct Connect	Version 0.699
Linux Direct Connect	Version 0.700
Linux Direct Connect	Version 0.701
Linux Direct Connect	Version 0.702
Linux Direct Connect	Version 0.703
Linux Direct Connect	Version 0.704
Linux Direct Connect	Version 0.705
Linux Direct Connect	Version 0.706

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (22)

http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp/client/ShareManager.cpp.diff?r1=1.14&r2=1.15&sortby=date

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/30812

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30907

Source: cve@mitre.org

http://secunia.com/advisories/30918

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=608612&group_id=40287

Source: cve@mitre.org

http://www.securityfocus.com/bid/29924

Source: cve@mitre.org

http://www.securitytracker.com/id?1020407

Source: cve@mitre.org

http://www.securitytracker.com/id?1020408

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43341

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00101.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00116.html

Source: cve@mitre.org

http://cvs.berlios.de/cgi-bin/viewcvs.cgi/linuxdcpp/linuxdcpp/client/ShareManager.cpp.diff?r1=1.14&r2=1.15&sortby=date

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/30812

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/30907

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/30918

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/project/shownotes.php?release_id=608612&group_id=40287

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/29924

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1020407

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1020408

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/43341

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00101.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00116.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.