Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
BID:1343
Info
Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
| Bugtraq ID: | 1343 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2000-0543 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jun 14 2000 12:00AM |
| Updated: | Jul 11 2009 02:56AM |
| Credit: | Discovered by and posted to Bugtraq on June 13, 2000 by Ussr Labs <[email protected]>. |
| Vulnerable: |
Network Associates PGP Certificate Server 2.5 Microsoft Virtual Machine for Macintosh 2.5.1 |
| Not Vulnerable: | |
Discussion
Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
PGP Certificate Server by default listens on port 4000 to allow remote server management and on port 5000 for PGP replication. If the server is unable to resolve the IP address of a machine connecting to either port to a hostname the service may crash with an error message warning that memory at address 0x00000000 could not be read.
PGP Certificate Server by default listens on port 4000 to allow remote server management and on port 5000 for PGP replication. If the server is unable to resolve the IP address of a machine connecting to either port to a hostname the service may crash with an error message warning that memory at address 0x00000000 could not be read.
Exploit / POC
Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
Solution:
Network Associates has released a patch which rectifies this issue. It is currently available at:
http://www.tis.com/support/hotfix.html
Solution:
Network Associates has released a patch which rectifies this issue. It is currently available at:
http://www.tis.com/support/hotfix.html
References
Network Associates PGP Certificate Server Unresolveable IP Address DoS Vulnerability
References:
References:
- Denial of Service Vulnerability Hotfix (Network Associates Inc.)
- PGP Certificate Server Product Homepage (Network Associates Inc.)