CVE-2003-0290 - Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) v

CVE-2003-0290

Summary

Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0064.html
http://marc.info/?l=bugtraq&m=105284630228137&w=2
http://marc.info/?l=bugtraq&m=105284631428187&w=2
http://www.securityfocus.com/bid/7552
https://exchange.xforce.ibmcloud.com/vulnerabilities/11973

Vulnerable Configurations

cpe:2.3:a:etype:eserv:2.9x:*:*:*:*:*:*:*
cpe:2.3:a:etype:eserv:2.9x:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	7552
bugtraq	20030511 eServ Memory Leak Enables Denial of Service Attacks 20030513 eServ Memory Leak Solution
vulnwatch	20030511 eServ Memory Leak Enables Denial of Service Attacks
xf	eserv-multiple-connections-dos(11973)

Last major update

11-07-2017 - 01:29

Published

16-06-2003 - 04:00

Last modified

11-07-2017 - 01:29