Vulnerability Details : CVE-2002-1661
The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group.
Vulnerability category: Denial of service
Products affected by CVE-2002-1661
- cpe:2.3:a:leafnode:leafnode:1.9.25:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.26:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.21:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.22:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.23:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.24:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.19:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.20:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.27:*:*:*:*:*:*:*
- cpe:2.3:a:leafnode:leafnode:1.9.29:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-1661
2.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1661
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2002-1661
-
http://www.securityfocus.com/bid/6490
Patch
-
http://secunia.com/advisories/7799
About Secunia Research | Flexera
-
http://marc.info/?l=bugtraq&m=104152295210075&w=2
-
http://secunia.com/advisories/7801
-
http://leafnode.sourceforge.net/leafnode-SA-2002-01.txt
Patch
-
http://secunia.com/advisories/7870
-
http://www.mandriva.com/security/advisories?name=MDKSA-2003:005
-
http://marc.info/?l=bugtraq&m=104127108823436&w=2
'Leafnode security announcement SA:2002:01' - MARC
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/10942
-
http://www.securitytracker.com/id?1005865
Jump to