Date: Mon, 6 Apr 2015 12:29:05 -0400 (EDT) From: cve-assign@...re.org To: irl@...e.org Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: Request CVE for LinuxNode - DoS vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > So, the questions are: > > 1. Is the above reasonable, i.e., there was (at one time) ... irl@...e.org sent us a confirmation without a Cc to oss-security. The CVE mapping is: > a single > vulnerability affecting both node and URONode in which a client could > use "quit" within telnet, and thereby cause the server to waste > network bandwidth on a radio path Use CVE-2015-2927. The known affected version of node (aka LinuxNode) is 0.3.2 (for Debian, the "ax25-node" package name is associated with the "node" source-package name). Within the URONode changelog, the relevant entry is apparently "21/05/08 v1.0.5r3 ... I added a quit_handler routine in the main loop which now will execute a node_logout(), flush out the IPCs, log the event to syslog, and close out the application properly." > app fails to close and more can be spawned by a crafty malicious > user thus bringing the system to a point of no memory available. This does not have a CVE ID. The node software was not attempting to defend against a scenario in which a single client user causes arbitrarily many node processes to run on the server simultaneously. The node software runs as a service under inetd (or a similar program), and any related restrictions would ordinarily be part of the inetd configuration. Lack of restrictions is a site-specific problem. ("crafty malicious user" means, for example: if a client were allowed to have 100 simultaneous node processes, the malicious user could choose a request timing that ensured that 100 processes were always running.) - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVIrO0AAoJEKllVAevmvmsbXgIAJQdYhkCyxks3Js0ZhDkYkoJ 3ITLnWgGp92m/hcL92K/oRL3ZvZj2Ik7kwf/7YsllhQBgVjVwoPjr/c7MA40nbgo 1n/NFeFzrS3PM3ZivBk2wt9Gnc7mLG59P3Z9cR9oAGqhXqKOEodlRSaE1q8fHMFG qm5Sj9AgHqhc4MDCIo+y/R/pSL0Ayiqzr3J8U9B+R+ls6JsY0co45r9OTtCShl+i jazf4xFwNpkYo7VEx4zIIVd2DBUQm3XSqZT5kVdRp3pSf8MkM34E92POlptwKjNJ PiXKMazkLspMwLs9j1WywFuub+XdrFWCWxXl9b83LqoTWcMGU7k3OcUZUqRNrFc= =Jv34 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.