CVE-2015-10085

A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as b91aa4674d460993765884e8463c70e6d886bc90. It is recommended to apply a patch to fix this issue. VDB-221506 is the identifier assigned to this vulnerability.

Weakness

The product does not release or incorrectly releases a resource before it is made available for re-use.

Affected Software

Potential Mitigations

• Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
• For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/125.html
• https://cwe.mitre.org/data/definitions/130.html
• https://cwe.mitre.org/data/definitions/131.html
• https://cwe.mitre.org/data/definitions/494.html
• https://cwe.mitre.org/data/definitions/495.html
• https://cwe.mitre.org/data/definitions/496.html
• https://cwe.mitre.org/data/definitions/666.html

References

• https://github.com/gopistolet/gopistolet/commit/b91aa4674d460993765884e8463c70e6d886bc90
• https://github.com/gopistolet/gopistolet/pull/27
• https://vuldb.com/?ctiid.221506
• https://vuldb.com/?id.221506
• https://github.com/gopistolet/gopistolet/commit/b91aa4674d460993765884e8463c70e6d886bc90
• https://github.com/gopistolet/gopistolet/pull/27
• https://vuldb.com/?ctiid.221506
• https://vuldb.com/?id.221506