The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
References
Link | Resource |
---|---|
http://marc.info/?l=full-disclosure&m=117320823618036&w=2 | Third Party Advisory |
http://osvdb.org/33887 | Broken Link |
http://secunia.com/advisories/24426 | Permissions Required |
http://secunia.com/advisories/24431 | Permissions Required |
http://security.gentoo.org/glsa/glsa-200703-12.xml | Third Party Advisory |
http://www.securityfocus.com/bid/22846 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/32846 |
Configurations
History
No history.
Information
Published : 2007-03-07 21:19
Updated : 2024-02-28 11:01
NVD link : CVE-2007-1327
Mitre link : CVE-2007-1327
CVE.ORG link : CVE-2007-1327
JSON object : View
Products Affected
silc
- silc-server
CWE
CWE-476
NULL Pointer Dereference