icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Leafnode < 1.11.3 TCP Timeout DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running the LeafNode NNTP server. The version of LeafNode that is installed is vulnerable to a remote Denial of Service (DoS) attack. When an upstream NNTP server requests a header and then allows the connection to time out, the LeafNode NNTP server fails. Successful exploitation would result in a loss of availability.

Solution

Upgrade to version 1.11.3 or higher.