This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Leafnode First view 2002-12-31
Product Leafnode Last view 2005-06-09
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:leafnode:leafnode:1.9.26:*:*:*:*:*:*:* 4
cpe:2.3:a:leafnode:leafnode:1.9.25:*:*:*:*:*:*:* 4
cpe:2.3:a:leafnode:leafnode:1.9.27:*:*:*:*:*:*:* 4
cpe:2.3:a:leafnode:leafnode:1.9.29:*:*:*:*:*:*:* 4
cpe:2.3:a:leafnode:leafnode:1.9.31:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.35:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.39:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.38:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.41:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.40:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.30:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.36:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.20:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.19:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.24:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.23:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.22:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.21:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.9.37:*:*:*:*:*:*:* 3
cpe:2.3:a:leafnode:leafnode:1.11.1:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.10.0:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.53:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.52:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.48:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.43:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.42:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.34:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.45:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.44:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.28:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.33:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.32:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.47:*:*:*:*:*:*:* 2
cpe:2.3:a:leafnode:leafnode:1.9.46:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
5 2005-06-09 CVE-2005-1911

The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
5 2005-05-05 CVE-2005-1453

fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
5 2004-12-31 CVE-2004-2068

fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers.
5 2003-10-20 CVE-2003-0744

The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.
5 2002-12-31 CVE-2002-1661

The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group.

Open Source Vulnerability Database (OSVDB)

id Description
17295 leafnode Multiple fetchnews/texpire Instance DoS
16568 leafnode Cross-Posted Article Group Name Prefix DoS
16187 leafnode fetchnews Article Transfer Disconnect DoS
6452 leafnode fetchnews Client Malformed Usenet Post DoS
3441 leafnode Missing Header DoS

OpenVAS Exploits

id Description
2008-09-04 Name : FreeBSD Ports: leafnode
File : nvt/freebsd_leafnode.nasl
2008-09-04 Name : FreeBSD Ports: leafnode
File : nvt/freebsd_leafnode0.nasl
2008-09-04 Name : FreeBSD Ports: leafnode
File : nvt/freebsd_leafnode1.nasl
2008-09-04 Name : FreeBSD Ports: leafnode
File : nvt/freebsd_leafnode2.nasl
2008-09-04 Name : FreeBSD Ports: leafnode
File : nvt/freebsd_leafnode3.nasl
2005-11-03 Name : Leafnode denials of service
File : nvt/leafnode_version.nasl

Nessus® Vulnerability Scanner

id Description
2009-10-27 Name: The remote NNTP server is vulnerable to a denial of service attack.
File: leafnode_1_9_29.nasl - Type: ACT_GATHER_INFO
2009-10-27 Name: The remote server is vulnerable to a denial of service attack.
File: leafnode_1_9_47.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_a051a4ec3aa14dd19bdca61eb5700153.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_66dbb2ee99b845b2bb3e640caea67a60.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_7b0208ff3f654e168d4d48fd9851f085.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_b5ffaa2aee504498af9961bc1b163c00.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_f7a3b18c624c47039756b6b27429e5b0.nasl - Type: ACT_GATHER_INFO
2005-07-12 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-114.nasl - Type: ACT_GATHER_INFO
2004-07-31 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2003-005.nasl - Type: ACT_GATHER_INFO