Vulnerabilities > CVE-2007-4158 - Resource Management Errors vulnerability in Tibco Rendezvous 7.5.2/7.5.3/7.5.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to cause a denial of service (memory consumption) via a packet with a length field of zero, a different vulnerability than CVE-2006-2830.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Denial of Service |
NASL id | RENDEZVOUS_8_0_0.NASL |
description | The remote host appears to be running Rendezvous, a commercial messaging software product used for building distributed applications According to its banner, Rendezvous |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 28376 |
published | 2007-12-02 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/28376 |
title | Rendezvous < 8.0.0 Crafted Packet Remote DoS |
code |
|
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0620.html
- http://osvdb.org/37680
- http://secunia.com/advisories/26337
- http://www.attrition.org/pipermail/vim/2007-December/001855.html
- http://www.irmplc.com/content/pdfs/Security_Testing_Enterprise_Messaging_Systems.pdf
- http://www.irmplc.com/index.php/111-Vendor-Alerts
- http://www.irmplc.com/index.php/160-Advisory-025
- http://www.securityfocus.com/bid/25132
- http://www.securitytracker.com/id?1018512
- http://www.vupen.com/english/advisories/2007/2814