oss-sec mailing list archives
Re: Request CVE for LinuxNode - DoS vulnerability
From: cve-assign () mitre org
Date: Mon, 6 Apr 2015 12:29:05 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
So, the questions are: 1. Is the above reasonable, i.e., there was (at one time) ...
irl () fsfe org sent us a confirmation without a Cc to oss-security. The CVE mapping is:
a single vulnerability affecting both node and URONode in which a client could use "quit" within telnet, and thereby cause the server to waste network bandwidth on a radio path
Use CVE-2015-2927. The known affected version of node (aka LinuxNode) is 0.3.2 (for Debian, the "ax25-node" package name is associated with the "node" source-package name). Within the URONode changelog, the relevant entry is apparently "21/05/08 v1.0.5r3 ... I added a quit_handler routine in the main loop which now will execute a node_logout(), flush out the IPCs, log the event to syslog, and close out the application properly."
app fails to close and more can be spawned by a crafty malicious user thus bringing the system to a point of no memory available.
This does not have a CVE ID. The node software was not attempting to defend against a scenario in which a single client user causes arbitrarily many node processes to run on the server simultaneously. The node software runs as a service under inetd (or a similar program), and any related restrictions would ordinarily be part of the inetd configuration. Lack of restrictions is a site-specific problem. ("crafty malicious user" means, for example: if a client were allowed to have 100 simultaneous node processes, the malicious user could choose a request timing that ensured that 100 processes were always running.) - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVIrO0AAoJEKllVAevmvmsbXgIAJQdYhkCyxks3Js0ZhDkYkoJ 3ITLnWgGp92m/hcL92K/oRL3ZvZj2Ik7kwf/7YsllhQBgVjVwoPjr/c7MA40nbgo 1n/NFeFzrS3PM3ZivBk2wt9Gnc7mLG59P3Z9cR9oAGqhXqKOEodlRSaE1q8fHMFG qm5Sj9AgHqhc4MDCIo+y/R/pSL0Ayiqzr3J8U9B+R+ls6JsY0co45r9OTtCShl+i jazf4xFwNpkYo7VEx4zIIVd2DBUQm3XSqZT5kVdRp3pSf8MkM34E92POlptwKjNJ PiXKMazkLspMwLs9j1WywFuub+XdrFWCWxXl9b83LqoTWcMGU7k3OcUZUqRNrFc= =Jv34 -----END PGP SIGNATURE-----
Current thread:
- Request CVE for LinuxNode - DoS vulnerability Iain R. Learmonth (Apr 03)
- Re: Request CVE for LinuxNode - DoS vulnerability cve-assign (Apr 03)
- <Possible follow-ups>
- Re: Request CVE for LinuxNode - DoS vulnerability cve-assign (Apr 06)