ColdFusion Server 2.0/3.x/4.x Administrator Login Password DoS Vulnerability
source: http://www.securityfocus.com/bid/1314/info Due to a faulty mechanism in the password parsing implementation in authentication requests, it is possible to launch a denial of service attack against Allaire ColdFusion 4.5.1 or previous by inputting a string...
ElectroSoft ElectroComm 1.0/2.0 - Denial of Service Vulnerability
source: http://www.securityfocus.com/bid/2706/info ElectroComm is a telnet-comm port server for Windows 9x/NT, allowing users to connect a PC's comm port to a TCP/IP network and login remotely using Telnet. An attacker can execute a denial of service attack on...
Check Point Software Firewall-1 4.0/1.4.1 Resource Exhaustion Vulnerability
source: http://www.securityfocus.com/bid/1416/info The Check Point Firewall-1 SMTP Security Server in Firewall-1 4.0 and 4.1 on Windows NT is vulnerable to a simple network-based attack which can increase the firewall's CPU utilization to 100%. Sending a stream ...
Microsoft Windows 2000 Internet Key Exchange DoS Vulnerability (2)
source: http://www.securityfocus.com/bid/3652/info Internet Protocol Security (IPSec) provides authentication and encryption for IP network traffic. The Internet Key Exchange (IKE) protocol is a management protocol standard which is used with the IPSec standard. IKE...
Microsoft NetMeeting 3.0.1 4.4.3385 Remote Desktop Sharing DoS Vulnerability
source: http://www.securityfocus.com/bid/1798/info The Remote Desktop Sharing component of Microsoft NetMeeting for Windows NT 4.0 / 2000 does not properly handle a particular type of malformed input string sent over port 1720. CPU utilization can be caused to...
MS Windows (Jolt2.c) Denial of Service Exploit
File: jolt2.c Author: Phonix [email protected] Date: 23-May-00 Description: This is the proof-of-concept code for the Windows denial-of-service attack described by the Razor team NTBugtraq, 19-May-00 MS00-029. This code causes cpu utilization to go to 100%...
Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (3)
source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...
IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 9.5 running on the remote host is prior or equal to Fix Pack 9 or 10. It is, therefore, reportedly affected by one or more of the following vulnerabilities : - An unspecified error exists related to handling malformed certificate chains that...
IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities
According to its version, the installation of IBM DB2 10.1 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities : - The included version of GSKit contains an error related to CBC-mode and timing that could allow an attacker...
IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities
According to its version, the installation of DB2 9.7 running on the remote host is prior to Fix Pack 9a. It is, therefore, affected by one or more of the following vulnerabilities : - An unspecified error exists related to handling malformed certificate chains that allows denial of service...
IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities
According to its version, the installation of IBM DB2 10.5 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities : - An unspecified error exists related to handling malformed certificate chains that could allow denial of...
openSUSE Security Update : samba (openSUSE-SU-2014:0405-1)
Samba was updated to fix security issues and bugs : Security issues fixed : - Password lockout was not enforced for SAMR password changes, this allowed brute-force attacks on passwords. CVE-2013-4496; bnc849224. - The DCE-RPC fragment length field is incorrectly checked, which could expose samba...
openSUSE Security Update : samba (openSUSE-SU-2014:0404-1)
Samba was updated to 4.1.6, fixing bugs and security issues : - Password lockout not enforced for SAMR password changes, this allowed brute forcing of passwords; CVE-2013-4496; bnc849224. - smbcacls can remove a file or directory ACL by mistake; CVE-2013-6442; bnc855866. Also the following bugs...
EXPP (Doc Number=3577): GSKit Fixes Available
Abstract EXPP Doc Number=3577: GSKit Fixes Available Fixes for GSKit Available See the following Security Bulletin for IBM Tivoli Directory Server CPU utilization - shipped with AIX and VIOS Doc number: 3577 Published date: 20140523 Content EXPP Doc Number=3577: GSKit Fixes Available Fixes for...
EXPP (Doc Number=3578): GSKit Fixes Available
Abstract EXPP Doc Number=3578: GSKit Fixes Available Fixes for GSKit Available See the following Security Bulletin for IBM Tivoli Directory Server CPU utilization - shipped with AIX and VIOS Doc number: 3578 Published date: 20140523 Content EXPP Doc Number=3578: GSKit Fixes Available Fixes for...
SuSE 11.3 Security Update : Samba (SAT Patch Number 9010)
The Samba fileserver suite was updated to fix bugs and security issues. The following security issue has been fixed : - No Password lockout or ratelimiting was enforced for SAMR password changes, making brute force guessing attacks possible. CVE-2013-4496. Also the following feature has been...
Cisco Unity Connection Internet Message Access Protocol Denial of Service Vulnerability
A vulnerability in the Internet Message Access Protocol (IMAP) function of Cisco Unity Connection could allow an authenticated, remote attacker to cause 100 percent CPU utilization on the Cisco Unity Connection server, which may cause a denial of service (DoS) condition. The vulnerability is due to t...
Cisco MDS 9000 NX-OS Software Denial of Service Vulnerability
A vulnerability in the supervisor of the Cisco MDS Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of Virtual Router Redundancy Protocol (VRRP) frames. An attacker could exploit this vulnerability by...
Cisco Identity Services Engine High CPU Utilization Vulnerability
A vulnerability in the firewall implementation of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to cause high CPU utilization and possibly the crash of some internal processes. The vulnerability is due to insufficient implementation of the firewall rule to protect...
Cisco Hosted Collaboration Mediation Excessive CPU Utilization Vulnerability
A vulnerability in the network stack of Cisco Hosted Collaboration Mediation could allow an unauthenticated, remote attacker to cause excessive CPU utilization on the affected system. The vulnerability is due to insufficient optimization of resources when the affected system is flooded with...