The Tox project blog reports:
A memory leak bug was discovered in Toxcore that can be triggered remotely to
exhaust one’s system memory, resulting in a denial of service attack.
The bug is present in the TCP Server module of Toxcore and therefore it
affects mostly bootstrap nodes. Regular Tox clients generally have the
TCP Server functionality disabled by default, leaving them unaffected.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center