exploits , vulnerabilities , articles , libxml2 Recursive Entity Remote Denial of Service Vulnerability

Title	libxml2 Recursive Entity Remote Denial of Service Vulnerability
Published	2008-08-21-12:00AM
Updated	2008-08-22-10:35AM
Class	Design Error
CVE	CVE-2008-3281
Remote	Yes
Local	No
Credit	Andreas Solberg
Vulnerable	XMLSoft Libxml2 2.6.31 XMLSoft Libxml2 2.6.30 XMLSoft Libxml2 2.6.15 XMLSoft Libxml2 2.6.14 OpenPKG OpenPKG Current XMLSoft Libxml2 2.6.13 XMLSoft Libxml2 2.6.12 XMLSoft Libxml2 2.6.11 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 XMLSoft Libxml2 2.6.9 Conectiva Linux 10.0 Conectiva Linux 9.0 XMLSoft Libxml2 2.6.8 RedHat Fedora Core2 XMLSoft Libxml2 2.6.7 XMLSoft Libxml2 2.6.6 XMLSoft Libxml2 2.6.5 XMLSoft Libxml2 2.6.4 XMLSoft Libxml2 2.6.3 XMLSoft Libxml2 2.6.2 XMLSoft Libxml2 2.6.1 XMLSoft Libxml2 2.6 .0 XMLSoft Libxml2 2.5.11 MandrakeSoft Linux Mandrake 9.2 amd64 MandrakeSoft Linux Mandrake 9.2 XMLSoft Libxml2 2.5.10 Trustix Secure Linux 2.0 XMLSoft Libxml2 2.5.8 XMLSoft Libxml2 2.5.4 MandrakeSoft Linux Mandrake 9.1 ppc MandrakeSoft Linux Mandrake 9.1 XMLSoft Libxml2 2.5.1 Conectiva Linux 9.0 XMLSoft Libxml2 2.4.23 Conectiva Linux Enterprise Edition 1.0 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 XMLSoft Libxml2 2.4.19 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha XMLSoft Libxml2 2.4.12 Conectiva Linux 8.0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 RedHat Enterprise Linux 5 server RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 MandrakeSoft Linux Mandrake 2008.1 x86_64 MandrakeSoft Linux Mandrake 2008.1 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0
Not Vulnerable
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2008-12-02 xrdp Multiple Buffer Overflow Vulnerabilities
2008-12-02 FFmpeg Multiple Denial of Service Vulnerabilities
2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
2008-11-28 ReVou Login SQL Injection Vulnerability
2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
2008-11-28 SailPlanner Login SQL Injection Vulnerability