CVE-2015-1030

Publication date 20 January 2015

Last updated 24 July 2024


Ubuntu priority

Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.

From the Ubuntu Security Team

It was discovered that privoxy doesn't handle a large number of requests properly. An attacker could use this vulnerability to cause a denial of service (crash) or possibly execute arbitrary code.

Status

Package Ubuntu Release Status
privoxy 18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic Ignored end of life
14.04 LTS trusty
Fixed 3.0.21-7+debu1build0.14.04.1
12.04 LTS precise Ignored end of life
10.04 LTS lucid Ignored end of life