CVE-2005-2904

Zebedee 2.4.1 - DoS

Title source: llm

Description

Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service (application crash) via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Shiraishi.M · cdoslinux

https://www.exploit-db.com/exploits/26249

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://secunia.com/advisories/16788/

[Exploit, Patch] http://www.securityfocus.com/bid/14796

[Mailing List] http://marc.info/?l=bugtraq&m=112629543605488&w=2

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200509-14.xml

Scores

EPSS 0.0679

EPSS Percentile 91.4%

Details

Status published

Products (1)

zebedee/zebedee 2.4.1

Published Sep 14, 2005

Tracked Since Feb 18, 2026