Conga ricci Connection Limit Remote Denial Of Service Vulnerability
BID:26393
Info
Conga ricci Connection Limit Remote Denial Of Service Vulnerability
| Bugtraq ID: | 26393 |
| Class: | Design Error |
| CVE: |
CVE-2007-4136 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 09 2007 12:00AM |
| Updated: | Nov 23 2007 06:04PM |
| Credit: | Mark J. Cox is credited with the discovery of this vulnerability. |
| Vulnerable: |
Redhat Enterprise Linux Clustering 5 server Redhat Cluster Suite EL 4.6.z Redhat Cluster Suite EL 4.5.z Conga ricci 0 |
| Not Vulnerable: | |
Discussion
Conga ricci Connection Limit Remote Denial Of Service Vulnerability
Conga 'ricci' is prone to a denial-of-service vulnerabilit because the daemon limits the number of connection requests.
An attacker can exploit this issue to deny service to legitimate users.
Conga 'ricci' is prone to a denial-of-service vulnerabilit because the daemon limits the number of connection requests.
An attacker can exploit this issue to deny service to legitimate users.
Exploit / POC
Conga ricci Connection Limit Remote Denial Of Service Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
Conga ricci Connection Limit Remote Denial Of Service Vulnerability
Solution:
Updates are available to address this issue. Please see the references for more information.
Solution:
Updates are available to address this issue. Please see the references for more information.
References
Conga ricci Connection Limit Remote Denial Of Service Vulnerability
References:
References: