LAN Messenger Malformed Initiation Request Remote Denial Of Service Vulnerability Network Vulnerability

Summary

The host is running LAN Messenger and is prone to denial of service vulnerability.

Impact

Successful exploitation may allow remote attackers to cause the application to crash, creating a denial of service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

The flaw is triggered when processing a malformed initiation request and can be exploited to cause a denial of service via a specially crafted packet.

Affected

LAN Messenger versions 1.2.28 and prior

References

http://packetstormsecurity.org/files/112389/VL-537.txt
http://www.exploit-db.com/exploits/18816
http://www.securityfocus.com/archive/1/522545
http://www.vulnerability-lab.com/get_content.php?id=537
http://xforce.iss.net/xforce/xfdb/75319

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3845
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Connect back to SOCKS5 server
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
ejabberd 'mod_pubsub' Module Denial of Service Vulnerability
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
Adobe Acrobat PDF File Denial Of Service Vulnerability

LAN Messenger Malformed Initiation Request Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities