Design/Logic Flaw

2006-05-1610:02:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).

CPENameOperatorVersion
raydiumeq0.0.0-svnrevision291
raydiumeq0.0.0-svnrevision304
raydiumeq0.0.0-svnrevision303
raydiumeq0.0.0-svnrevision295
raydiumeq0.0.0-svnrevision284
raydiumeq0.0.0-svnrevision298
raydiumeq0.0.0-svnrevision294
raydiumeq0.0.0-svnrevision309
raydiumeq0.0.0-svnrevision283
raydiumeq0.0.0-svnrevision285

Name	Operator	Version
raydium	eq	0.0.0-svnrevision291
raydium	eq	0.0.0-svnrevision304
raydium	eq	0.0.0-svnrevision303
raydium	eq	0.0.0-svnrevision295
raydium	eq	0.0.0-svnrevision284
raydium	eq	0.0.0-svnrevision298
raydium	eq	0.0.0-svnrevision294
raydium	eq	0.0.0-svnrevision309
raydium	eq	0.0.0-svnrevision283
raydium	eq	0.0.0-svnrevision285

Rows per page:

1-10 of 301

References

aluigi.altervista.org/adv/raydiumx-adv.txt

secunia.com/advisories/20097

securityreason.com/securityalert/900

www.securityfocus.com/archive/1/433930/100/0/threaded

www.securityfocus.com/bid/17986

www.vupen.com/english/advisories/2006/1808

exchange.xforce.ibmcloud.com/vulnerabilities/26516