Vulnerabilities > CVE-2006-0956 - Remote TLS Connection Handling Denial of Service vulnerability in Nufw Firewall 1.0.20

047910
CVSS 1.7 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
nufw

Summary

nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. This vulnerability affects NuFW, NuFW Firewall versions 1.0.20 and previous.

Vulnerable Configurations

Part Description Count
Application
Nufw
1