CVE-2008-3680

The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) by sending a type 0 packet with an invalid version followed by another packet to TCP port 3784.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:flagship_industries:ventrilo:1:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:1.01:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:1.03:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:1.04:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:1.05:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:1.06:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.1:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.2:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.3:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.3.2:prototype.6:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:2.3.2:prototype.9:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:3:*:*:*:*:*:*:*
cpe:2.3:a:flagship_industries:ventrilo:3.0.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-08-14 19:41

Updated : 2024-02-04 17:33


NVD link : CVE-2008-3680

Mitre link : CVE-2008-3680

CVE.ORG link : CVE-2008-3680


JSON object : View

Products Affected

flagship_industries

  • ventrilo
CWE
CWE-20

Improper Input Validation