CVE-2007-5933 - OpenCVE

Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to cause a denial of service (crash) by triggering a delete operation while the Session object is still being used, as demonstrated by causing a "Broken pipe" error.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Pioneers	Pioneers

Configuration 1 [-]

cpe:2.3:a:pioneers:pioneers:*:*:*:*:*:*:*:*

References

Link	Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541
http://bugs.gentoo.org/show_bug.cgi?id=198807
http://secunia.com/advisories/27522	Vendor Advisory
http://secunia.com/advisories/27646	Vendor Advisory
http://security.gentoo.org/glsa/glsa-200711-20.xml
http://securitytracker.com/id?1019024
http://sourceforge.net/tracker/index.php?func=detail&aid=1791176&group_id=5095&atid=305095	Patch
http://www.securityfocus.com/bid/26391

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-13T20:00:00

Updated: 2017-11-15T13:57:01

Reserved: 2007-11-13T00:00:00

Link: CVE-2007-5933

JSON object: View

NVD Information

Status : Analyzed

Published: 2007-11-13T20:46:00.000

Modified: 2011-08-10T04:00:00.000

Link: CVE-2007-5933

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-06T00:00:00", "descriptions": [{"lang": "en", "value": "Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to cause a denial of service (crash) by triggering a delete operation while the Session object is still being used, as demonstrated by causing a \"Broken pipe\" error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-15T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-200711-20", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200711-20.xml"}, {"name": "27522", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27522"}, {"name": "27646", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27646"}, {"name": "26391", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26391"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1791176&group_id=5095&atid=305095"}, {"name": "1019024", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019024"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=198807"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5933", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to cause a denial of service (crash) by triggering a delete operation while the Session object is still being used, as demonstrated by causing a \"Broken pipe\" error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-200711-20", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-20.xml"}, {"name": "27522", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27522"}, {"name": "27646", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27646"}, {"name": "26391", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26391"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541"}, {"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1791176&group_id=5095&atid=305095", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1791176&group_id=5095&atid=305095"}, {"name": "1019024", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019024"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=198807", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=198807"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5933", "datePublished": "2007-11-13T20:00:00", "dateReserved": "2007-11-13T00:00:00", "dateUpdated": "2017-11-15T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pioneers:pioneers:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A283224-7E19-4A35-AFEC-C10FAE844928", "versionEndIncluding": "0.11.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to cause a denial of service (crash) by triggering a delete operation while the Session object is still being used, as demonstrated by causing a \"Broken pipe\" error."}, {"lang": "es", "value": "Pioneers (anteriormente gnocatan) versiones anteriores a 0.11.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) mediante la activaci\u00f3n de una operaci\u00f3n de borrado mientras el objeto Session se sigue usando, como es demostrado causando un error de \"Broken pipe\"."}], "id": "CVE-2007-5933", "lastModified": "2011-08-10T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-11-13T20:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541"}, {"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=198807"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27522"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27646"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200711-20.xml"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1019024"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1791176&group_id=5095&atid=305095"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26391"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}