Intrusion Prevention

Pigeon.Server.DoS

Description

Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103.

Affected Products

Pigeon Server 3.02.0143 and earlier

Impact

An attacker may exploit this issue to cause the affected server to hang, effectively denying service to legitimate users.

Recommended Actions

The vendor has released an upgrade dealing with this issue.
Tech-Noel Pigeon Server 3.2.143
SuSE mozilla-mail-1.7.5-17.10.i586.rpm
SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-mail-1.7. 5-17.10.i586.rpm

CVE References

CVE-2004-1688