NAI PGP Certificate Server Unresolvable IP DoS

2000-06-14T00:00:00
ID OSVDB:344
Type osvdb
Reporter Ussr Labs(labs@ussrback.com)
Modified 2000-06-14T00:00:00

Description

Vulnerability Description

PGP Certificate Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker connects to port 4000 from an IP address that doesn't resolve, and will result in loss of availability for the service.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Network Associates has released a patch to address this vulnerability.

Short Description

PGP Certificate Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker connects to port 4000 from an IP address that doesn't resolve, and will result in loss of availability for the service.

References:

Vendor URL: http://www.nai.com Other Advisory URL: http://www.ussrback.com/labs44.html Nessus Plugin ID:10442 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-06/0107.html Keyword: Port 4000 ISS X-Force ID: 4695 CVE-2000-0543 Bugtraq ID: 1343