oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Request CVE for LinuxNode - DoS vulnerability

From: cve-assign () mitre org
Date: Mon, 6 Apr 2015 12:29:05 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


So, the questions are:

1. Is the above reasonable, i.e., there was (at one time) ...


irl () fsfe org sent us a confirmation without a Cc to oss-security.

The CVE mapping is:


a single
vulnerability affecting both node and URONode in which a client could
use "quit" within telnet, and thereby cause the server to waste
network bandwidth on a radio path


Use CVE-2015-2927. The known affected version of node (aka LinuxNode)
is 0.3.2 (for Debian, the "ax25-node" package name is associated with
the "node" source-package name). Within the URONode changelog, the
relevant entry is apparently "21/05/08 v1.0.5r3 ... I added a
quit_handler routine in the main loop which now will execute a
node_logout(), flush out the IPCs, log the event to syslog, and close
out the application properly."



app fails to close and more can be spawned by a crafty malicious
user thus bringing the system to a point of no memory available.


This does not have a CVE ID. The node software was not attempting to
defend against a scenario in which a single client user causes
arbitrarily many node processes to run on the server simultaneously.
The node software runs as a service under inetd (or a similar
program), and any related restrictions would ordinarily be part of the
inetd configuration. Lack of restrictions is a site-specific problem.

("crafty malicious user" means, for example: if a client were allowed
to have 100 simultaneous node processes, the malicious user could
choose a request timing that ensured that 100 processes were always
running.)

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVIrO0AAoJEKllVAevmvmsbXgIAJQdYhkCyxks3Js0ZhDkYkoJ
3ITLnWgGp92m/hcL92K/oRL3ZvZj2Ik7kwf/7YsllhQBgVjVwoPjr/c7MA40nbgo
1n/NFeFzrS3PM3ZivBk2wt9Gnc7mLG59P3Z9cR9oAGqhXqKOEodlRSaE1q8fHMFG
qm5Sj9AgHqhc4MDCIo+y/R/pSL0Ayiqzr3J8U9B+R+ls6JsY0co45r9OTtCShl+i
jazf4xFwNpkYo7VEx4zIIVd2DBUQm3XSqZT5kVdRp3pSf8MkM34E92POlptwKjNJ
PiXKMazkLspMwLs9j1WywFuub+XdrFWCWxXl9b83LqoTWcMGU7k3OcUZUqRNrFc=
=Jv34
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: