Description |
A security issue has been found in Barrier before version 2.3.4. The daemon does not correctly close client sockets causing permanent file descriptor exhaustion and thus remote denial of service within a couple of seconds by just opening and closing connections.
After 1023 file descriptors are open the server will still react to connection requests, but will fail to open its own local certificate and thus close the connection prematurely. This issue could be used as an additional attack vector during other stages of the protocol to trigger file/socket open failures with potentially security related effects. |