NAI PGP Certificate Server Unresolvable IP DoS

(C) 2000-2011 John Lampe <j_lampe@bellsouth.net>


Synopsis :

The remote service is vulnerable to a denial of service.

Description :

It was possible to make the remote PGP Cert Server
crash by spoofing a TCP connection that seems to
come from an unresolvable IP address.

An attacker may use this flaw to prevent your PGP
certificate server from working properly.

Solution :

Upgrade to the latest version.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:H/RL:U/RC:ND)

Family: Denial of Service

Nessus Plugin ID: 10442 ()

Bugtraq ID: 1343

CVE ID: CVE-2000-0543