Vulnerability Details CVE-2014-2980
Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://seclists.org/oss-sec/2014/q2/143
- http://seclists.org/oss-sec/2014/q2/152
- http://secunia.com/advisories/58104
- http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/ChangeLog?r1=37756&r2=37755&pathrev=37756
- http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Tools/gdomap.c?r1=37756&r2=37755&pathrev=37756
- http://www.securityfocus.com/bid/66992
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92688
- https://savannah.gnu.org/bugs/?41751
- http://seclists.org/oss-sec/2014/q2/143
- http://seclists.org/oss-sec/2014/q2/152
- http://secunia.com/advisories/58104
- http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/ChangeLog?r1=37756&r2=37755&pathrev=37756
- http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Tools/gdomap.c?r1=37756&r2=37755&pathrev=37756
- http://www.securityfocus.com/bid/66992
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92688
- https://savannah.gnu.org/bugs/?41751