Vulnerabilities > CVE-2007-0538 - Denial-Of-Service vulnerability in Community Server Forums

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

telligent-systems

NVD

Published: 2007-01-29

Updated: 2018-10-16

Summary

Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to (1) a large file, which triggers a long download session without a timeout constraint; or (2) a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.

Vulnerable Configurations

Part	Description	Count
Application	Telligent_Systems Telligent Systems Community Server Forums *	1

References

http://osvdb.org/33583
http://osvdb.org/33584
http://securityreason.com/securityalert/2211
http://www.securityfocus.com/archive/1/457996/100/0/threaded
http://www.securityfocus.com/archive/1/457999/100/0/threaded