VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 14, 2008· Updated Apr 23, 2026

CVE-2008-3680

CVE-2008-3680

Description

The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) by sending a type 0 packet with an invalid version followed by another packet to TCP port 3784.

Affected products

18
  • Flagship Industries/Ventrilo18 versions
    cpe:2.3:a:flagship_industries:ventrilo:1:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:flagship_industries:ventrilo:1:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:1.01:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:1.03:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:1.04:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:1.05:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:1.06:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.3.2:prototype.6:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:2.3.2:prototype.9:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:3:*:*:*:*:*:*:*
    • cpe:2.3:a:flagship_industries:ventrilo:3.0.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.