The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Leafnode | Leafnode | 1.9.19 (including) | 1.9.19 (including) |
| Leafnode | Leafnode | 1.9.20 (including) | 1.9.20 (including) |
| Leafnode | Leafnode | 1.9.21 (including) | 1.9.21 (including) |
| Leafnode | Leafnode | 1.9.22 (including) | 1.9.22 (including) |
| Leafnode | Leafnode | 1.9.23 (including) | 1.9.23 (including) |
| Leafnode | Leafnode | 1.9.24 (including) | 1.9.24 (including) |
| Leafnode | Leafnode | 1.9.25 (including) | 1.9.25 (including) |
| Leafnode | Leafnode | 1.9.26 (including) | 1.9.26 (including) |
| Leafnode | Leafnode | 1.9.27 (including) | 1.9.27 (including) |
| Leafnode | Leafnode | 1.9.29 (including) | 1.9.29 (including) |
| Leafnode | Leafnode | 1.9.30 (including) | 1.9.30 (including) |
| Leafnode | Leafnode | 1.9.31 (including) | 1.9.31 (including) |
| Leafnode | Leafnode | 1.9.35 (including) | 1.9.35 (including) |
| Leafnode | Leafnode | 1.9.36 (including) | 1.9.36 (including) |
| Leafnode | Leafnode | 1.9.37 (including) | 1.9.37 (including) |
| Leafnode | Leafnode | 1.9.38 (including) | 1.9.38 (including) |
| Leafnode | Leafnode | 1.9.39 (including) | 1.9.39 (including) |
| Leafnode | Leafnode | 1.9.40 (including) | 1.9.40 (including) |
| Leafnode | Leafnode | 1.9.41 (including) | 1.9.41 (including) |