CVE-2015-1030 Common Vulnerabilities and Exposures

Upstream information

CVE-2015-1030 at MITRE

Description

Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 907675 [RESOLVED / FIXED], 913094 [RESOLVED / DUPLICATE]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`privoxy >= 3.0.26-1.1` `privoxy-doc >= 3.0.26-1.1`	Patchnames: openSUSE-Tumbleweed-2024-10494

SUSE Timeline for this CVE

CVE page created: Mon Jan 12 14:42:41 2015
CVE page last modified: Sat Jun 15 22:28:55 2024