FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

razor-agents -- denial of service vulnerability

Affected packages
razor-agents <= 2.71


VuXML ID 85069fb6-e15b-11d9-83cf-0010dc5df42d
Discovery 2005-06-17
Entry 2005-06-20

A Secunia security advisory reports:

Two vulnerabilities have been reported in Razor-agents, which can be exploited by malicious people to cause a DoS (Denial of Service).

  1. An unspecified error in the preprocessing of certain HTML messages can be exploited to crash the application.
  2. A bug in the discovery logic causes Razor-agents to go into an infinite loop and consume a large amount of memory when discovery fails.