Detections
Analytics

SuSE Linux in.identd Request Saturation DoS

medium Nessus Plugin ID 10560

Synopsis

The remote service is vulnerable to denial of service.

Description

Ident is a protocol which gives to the remote server the name of the user who initiated a given connection.
It's mainly used by IRC, SMTP and POP servers to obtain the login name of the person who is using their services.

There is a flaw in the remote identd daemon which allows anyone to crash this service remotely.

Solution

Disable this service if you do not use it, or upgrade.

See Also

http://downloads.securityfocus.com/vulnerabilities/exploits/susekill.c

Plugin Details

Severity: Medium

ID: 10560

File Name: suse_identd.nasl

Version: 1.26

Type: remote

Published: 11/29/2000

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/14/1999

Reference Information

CVE: CVE-1999-0746

BID: 587