DConnect console.users Hub Connection DoS

2004-04-07T00:00:00
ID OSVDB:7107
Type osvdb
Reporter OSVDB
Modified 2004-04-07T00:00:00

Description

Vulnerability Description

DConnect contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker attempts to connect to a hub using a console.users file with empty fields, and will result in loss of availability for the service.

Solution Description

Upgrade to version 0.3.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

DConnect contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker attempts to connect to a hub using a console.users file with empty fields, and will result in loss of availability for the service.

References:

Vendor URL: http://www.dc.ds.pg.gda.pl/ Vendor Specific Advisory URL Vendor Specific Advisory URL