MidnightBSD

Advisories for leafnode

CVE-2002-1661 MEDIUM

The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leafnode leafnode 1.9.22
leafnode leafnode 1.9.20
leafnode leafnode 1.9.21
leafnode leafnode 1.9.24
leafnode leafnode 1.9.27
leafnode leafnode 1.9.23
leafnode leafnode 1.9.26
leafnode leafnode 1.9.19
leafnode leafnode 1.9.25
leafnode leafnode 1.9.29
CVE-2003-0744 MEDIUM

The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leafnode leafnode 1.9.37
leafnode leafnode 1.9.31
leafnode leafnode 1.9.35
leafnode leafnode 1.9.20
leafnode leafnode 1.9.39
leafnode leafnode 1.9.21
leafnode leafnode 1.9.24
leafnode leafnode 1.9.27
leafnode leafnode 1.9.30
leafnode leafnode 1.9.41
leafnode leafnode 1.9.36
leafnode leafnode 1.9.22
leafnode leafnode 1.9.38
leafnode leafnode 1.9.40
leafnode leafnode 1.9.23
leafnode leafnode 1.9.26
leafnode leafnode 1.9.19
leafnode leafnode 1.9.25
leafnode leafnode 1.9.29
CVE-2004-2068 MEDIUM

fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leafnode leafnode 1.9.37
leafnode leafnode 1.9.31
leafnode leafnode 1.9.35
leafnode leafnode 1.9.34
leafnode leafnode 1.9.33
leafnode leafnode 1.9.47
leafnode leafnode 1.9.39
leafnode leafnode 1.9.43
leafnode leafnode 1.9.27
leafnode leafnode 1.9.30
leafnode leafnode 1.9.41
leafnode leafnode 1.9.36
leafnode leafnode 1.9.32
leafnode leafnode 1.9.45
leafnode leafnode 1.9.46
leafnode leafnode 1.9.38
leafnode leafnode 1.9.44
leafnode leafnode 1.9.40
leafnode leafnode 1.9.28
leafnode leafnode 1.9.42
leafnode leafnode 1.9.26
leafnode leafnode 1.9.25
leafnode leafnode 1.9.29
CVE-2005-1453 MEDIUM

fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leafnode leafnode 1.9.53
leafnode leafnode 1.9.48
leafnode leafnode 1.11.1
leafnode leafnode 1.10.0
leafnode leafnode 1.9.52
CVE-2005-1911 MEDIUM

The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leafnode leafnode 1.9.31
leafnode leafnode 1.9.35
leafnode leafnode 1.9.53
leafnode leafnode 1.9.39
leafnode leafnode 1.9.43
leafnode leafnode 1.9.21
leafnode leafnode 1.9.24
leafnode leafnode 1.9.48
leafnode leafnode 1.9.30
leafnode leafnode 1.9.41
leafnode leafnode 1.9.36
leafnode leafnode 1.9.32
leafnode leafnode 1.9.45
leafnode leafnode 1.9.46
leafnode leafnode 1.9.38
leafnode leafnode 1.9.44
leafnode leafnode 1.11.1
leafnode leafnode 1.9.40
leafnode leafnode 1.9.28
leafnode leafnode 1.10.0
leafnode leafnode 1.9.19
leafnode leafnode 1.9.37
leafnode leafnode 1.9.34
leafnode leafnode 1.9.33
leafnode leafnode 1.9.47
leafnode leafnode 1.9.20
leafnode leafnode 1.9.27
leafnode leafnode 1.9.52
leafnode leafnode 1.9.22
leafnode leafnode 1.9.23
leafnode leafnode 1.9.42
leafnode leafnode 1.9.26
leafnode leafnode 1.9.25
leafnode leafnode 1.9.29