Summary
This host is installed with Request Tracker (RT) and is prone to remote denial of service vulnerability.
Impact
Successful exploitation will allow attacker to consume CPU resource resulting in denial of service.
Impact Level: System/Application
Solution
Upgrade to version 4.2.5 or higher,
For updates refer to http://bestpractical.com/rt
Insight
An algorithmic complexity flaw is in Perl CPAN Email::Address::List that is triggered when handling a specially crafted string without an address.
Affected
Request Tracker (RT) version 4.2.0 through 4.2.2
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1474 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Avahi Denial of Service Vulnerability
- Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
- ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win