You are here

CVE-2012-3421

Vincent (CVE) Danen's picture
The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

Details Source

Mitre

Public Date

2012-08-16 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-3421 pcp: event-driven programming flaw blocks pmcd from responding to other legitimate requests

Bugzilla ID

841 706

CVSS Status

draft

Base Score

3.30

Base Metrics

AV:A/AC:L/Au:N/C:N/I:N/A:P