FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

leafnode -- denial of service vulnerability

Affected packages
leafnode < 1.11.3


VuXML ID b5ffaa2a-ee50-4498-af99-61bc1b163c00
Discovery 2005-06-08
Entry 2005-06-09

Matthias Andree reports:

A vulnerability was found in the fetchnews program (the NNTP client) that may under some circumstances cause a wait for input that never arrives, fetchnews "hangs". [...]

As only one fetchnews program can run at a time, subsequently started fetchnews and texpire programs will terminate. [...]

Upgrade your leafnode package to version 1.11.3.


CVE Name CVE-2005-1911
FreeBSD PR ports/82056