Vulnerabilities > CVE-2008-1996 - Resource Management Errors vulnerability in Licq
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections. More information located: http://www.securityfocus.com/bid/28679/info
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | LICQ 1.3.5 File Descriptor Remote Denial of Service Vulnerability. CVE-2008-1996. Dos exploit for unix platform |
| id | EDB-ID:31627 |
| last seen | 2016-02-03 |
| modified | 2008-04-08 |
| published | 2008-04-08 |
| reporter | Milen Rangelov |
| source | https://www.exploit-db.com/download/31627/ |
| title | LICQ <= 1.3.5 - File Descriptor Remote Denial of Service Vulnerability |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2008-3909.NASL description - Mon May 12 2008 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.4-8 - fixed DoS vulnerability - CVE-2009-1996 - Mon Nov 26 2007 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.4-7 - fixed sigsegv when new user requested authorization - Resolves: #389731 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 32341 published 2008-05-16 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32341 title Fedora 7 : licq-1.3.4-8.fc7 (2008-3909) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-3909. # include("compat.inc"); if (description) { script_id(32341); script_version ("1.13"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-1996"); script_xref(name:"FEDORA", value:"2008-3909"); script_name(english:"Fedora 7 : licq-1.3.4-8.fc7 (2008-3909)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Mon May 12 2008 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.4-8 - fixed DoS vulnerability - CVE-2009-1996 - Mon Nov 26 2007 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.4-7 - fixed sigsegv when new user requested authorization - Resolves: #389731 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=445236" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/009907.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d55f1e39" ); script_set_attribute(attribute:"solution", value:"Update the affected licq package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:licq"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC7", reference:"licq-1.3.4-8.fc7")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "licq"); }NASL family Fedora Local Security Checks NASL id FEDORA_2008-3812.NASL description - Mon May 12 2008 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.5-2 - fixed DoS vulnerability CVE-2008-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 32333 published 2008-05-16 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32333 title Fedora 9 : licq-1.3.5-2.fc9 (2008-3812) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-3812. # include("compat.inc"); if (description) { script_id(32333); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-1996"); script_bugtraq_id(28679); script_xref(name:"FEDORA", value:"2008-3812"); script_name(english:"Fedora 9 : licq-1.3.5-2.fc9 (2008-3812)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Mon May 12 2008 Jiri Moskovcak <jmoskovc at redhat.com> 1.3.5-2 - fixed DoS vulnerability CVE-2008-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=445236" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-July/012759.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d2dd71bb" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/009838.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c51e60d2" ); script_set_attribute(attribute:"solution", value:"Update the affected licq package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:licq"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC9", reference:"licq-1.3.5-2.fc9")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "licq"); }NASL family Fedora Local Security Checks NASL id FEDORA_2008-3969.NASL description Fixed DoS vulnerability CVE-2008-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 32347 published 2008-05-16 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/32347 title Fedora 8 : licq-1.3.4-9.fc8 (2008-3969) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-3969. # include("compat.inc"); if (description) { script_id(32347); script_version ("1.13"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-1996"); script_xref(name:"FEDORA", value:"2008-3969"); script_name(english:"Fedora 8 : licq-1.3.4-9.fc8 (2008-3969)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Fixed DoS vulnerability CVE-2008-1996 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=445236" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/009905.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d78b2bfa" ); script_set_attribute(attribute:"solution", value:"Update the affected licq package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:licq"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC8", reference:"licq-1.3.4-9.fc8")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "licq"); }
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 28679 CVE(CAN) ID: CVE-2008-1996 Licq是基于linux qt的ICQ聊天客户端。 Licq在处理大量连接时存在漏洞,远程攻击者可能利用此漏洞导致Licq崩溃。 在运行时licq会在30000和65000之间的随机端口打开监听套接字。由于没有执行基于主机的认证,任何远程主机都可以连接。licq会在指定的超时后关闭这些连接。 如果远程用户创建了大量的入站TCP连接的话,则耗尽所有开放的文件描述符(大多数linux安装中非root用户为1024个)后,新的入站TCP连接请求就会导致licq崩溃。 LICQ 1.3.5 LICQ ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.licq.org/changeset/6146 target=_blank>http://www.licq.org/changeset/6146</a> |
| id | SSV:3261 |
| last seen | 2017-11-19 |
| modified | 2008-05-07 |
| published | 2008-05-07 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-3261 |
| title | LICQ文件描述符远程拒绝服务漏洞 |
References
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html
- http://seclists.org/bugtraq/2008/Apr/0100.html
- http://secunia.com/advisories/30055
- http://secunia.com/advisories/30236
- http://securityreason.com/securityalert/3851
- http://www.licq.org/changeset/6146
- http://www.licq.org/ticket/1623
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:159
- http://www.openwall.com/lists/oss-security/2008/04/25/1
- http://www.securityfocus.com/archive/1/490563
- http://www.securityfocus.com/archive/1/490717
- http://www.securityfocus.com/bid/28679
- http://www.vupen.com/english/advisories/2008/1446/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41732
- https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00186.html