CVE-2002-1661

2005-05-0504:00:00

[email protected]

web.nvd.nist.gov

leafnode

denial of service

cve-2002-1661

security vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.6%

JSON

The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group.

Affected configurations

NVD

Node

leafnodeleafnodeMatch1.9.19

leafnodeleafnodeMatch1.9.20

leafnodeleafnodeMatch1.9.21

leafnodeleafnodeMatch1.9.22

leafnodeleafnodeMatch1.9.23

leafnodeleafnodeMatch1.9.24

leafnodeleafnodeMatch1.9.25

leafnodeleafnodeMatch1.9.26

leafnodeleafnodeMatch1.9.27

leafnodeleafnodeMatch1.9.29

CPENameOperatorVersion
leafnode:leafnodeleafnodeeq1.9.19
leafnode:leafnodeleafnodeeq1.9.20
leafnode:leafnodeleafnodeeq1.9.21
leafnode:leafnodeleafnodeeq1.9.22
leafnode:leafnodeleafnodeeq1.9.23
leafnode:leafnodeleafnodeeq1.9.24
leafnode:leafnodeleafnodeeq1.9.25
leafnode:leafnodeleafnodeeq1.9.26
leafnode:leafnodeleafnodeeq1.9.27
leafnode:leafnodeleafnodeeq1.9.29

CPE	Name	Operator	Version
leafnode:leafnode	leafnode	eq	1.9.19
leafnode:leafnode	leafnode	eq	1.9.20
leafnode:leafnode	leafnode	eq	1.9.21
leafnode:leafnode	leafnode	eq	1.9.22
leafnode:leafnode	leafnode	eq	1.9.23
leafnode:leafnode	leafnode	eq	1.9.24
leafnode:leafnode	leafnode	eq	1.9.25
leafnode:leafnode	leafnode	eq	1.9.26
leafnode:leafnode	leafnode	eq	1.9.27
leafnode:leafnode	leafnode	eq	1.9.29