Rendezvous < 8.0.0 Crafted Packet Remote DoS

high Nessus Plugin ID 28376

Synopsis

The remote host contains an application that is prone to a denial of service attack.

Description

The remote host appears to be running Rendezvous, a commercial messaging software product used for building distributed applications

According to its banner, Rendezvous' rvd daemon fails to properly validate input in incoming packets before using it to allocate memory. By sending a specially crafted packet with a length field of 0, an unauthenticated, remote attacker may be able to leak memory and eventually exhaust memory on the affected system.

Solution

Upgrade to TIBCO Rendezvous version 8.0 or later as that reportedly addresses the issue.

See Also

http://www.nessus.org/u?ab43b01a

Plugin Details

Severity: High

ID: 28376

File Name: rendezvous_8_0_0.nasl

Version: 1.14

Type: remote

Published: 12/2/2007

Updated: 9/21/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:tibco:rendezvous

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/31/2007

Reference Information

CVE: CVE-2007-4158

BID: 25132

CWE: 399