84 matches found
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When...
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...
Air Transfer Cross-Site Scripting Vulnerability
Air Transfer Pro is an application for transferring files from your computer to your cell phone over a wireless network. Air Transfer suffers from a cross-site scripting vulnerability that allows remote attackers to exploit exploits to inject script code into client application requests with...
SSL TLS_FALLBACK_SCSV Cipher Suite
This protection detects ssl client requests including TLSFALLBACKSCSV cipher suite...
Telegram (API) Cross-Site Request Forgery Vulnerability
Telegram is a cloud-based instant messaging service that supports both mobile and desktop versions, enabling users to exchange messages, pictures, and videos instantly. Telegram suffers from a cross-site request forgery vulnerability that allows an attacker to execute application functions by...
DLA-398-1 privoxy - security update
Bulletin has no description...
privoxy -- multiple vulnerabilities
Privoxy Developers reports: Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer. Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983. Bug discovered with afl-fuzz an...
privoxy: denial of service
CVE-2015-1380 denial of service Denial of service issue was found in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. - CVE-2015-1381 segmentation fault Multiple segmentation faults and...
privoxy -- multiple vulnerabilities
Privoxy Developers reports: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley. CVE-2015-1380. Fixed multiple segmentation faults and memory leaks...
SuSE 11.1 Security Update : dhcp (SAT Patch Number 6671)
This update of dhcp fixes two security vulnerabilities : - Malformed client identifiers could cause a Denial of Service excessive CPU consumption, effectively causing further client requests to not be processed anymore. CVE-2012-3571 - Two unspecified memory leaks. CVE-2012-3954 Additionally, the...
Mandriva Linux Security Advisory : dhcp (MDVSA-2012:115)
Multiple vulnerabilities has been discovered and corrected in ISC DHCP : An unexpected client identifier parameter can cause the ISC DHCP daemon to segmentation fault when running in DHCPv6 mode, resulting in a denial of service to further client requests. In order to exploit this condition, an...
FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation
Problem Description: If a client requests DNSSEC records with the Checking Disabled CD flag set, BIND may cache the unvalidated responses. These responses may later be returned to another client that has not set the CD flag...
git -- denial of service vulnerability
SecurityFocus reports: Git is prone to a denial-of-service vulnerability because it fails to properly handle some client requests. Attackers can exploit this issue to cause a daemon process to enter an infinite loop. Repeated exploits may consume excessive system resources, resulting in a denial ...
gMotor2 Game Engine - Multiple Vulnerabilities
gMotor2 Game Engine - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/25358/info The gMotor2 game engine is prone to multiple code-execution and denial-of-service vulnerabilities. Four vulnerabilities were reported. These vulnerabilities may be triggered by malicious client...
CVE-2006-6681
CVE-2006-6681: Pedro Lineu Orso chetcpasswd 2.3.3 is vulnerable because it does not implement a rate limit on client requests, potentially allowing remote attackers to perform dictionary attacks to guess passwords. The cited sources (NVD/NVD page) confirm the issue and its impact as a partial con...
CVE-2006-6681
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack...
PostgreSQL database management system multiple DoS conditions
Multiple DoS conditions on executing client requests...
xine-cddb-server.pl.txt
!/usr/bin/perl -- xine-cddb-server by Ulf Harnhammar in 2005 I hereby place this program in the public domain. use strict; use IO::Socket; $main::port = 8880; $main::timeout = 5; SUBROUTINES sub mysend$$ my $file = shift; my $str = shift; print $file "$str\n"; print "SENT: $str\n"; sub mysend sub...
Webcache Client Requests bypasses OHS mod_access restrictions
Name Webcache Client Requests bypasses OHS modaccess Restrictions Systems Affected Oracle Application Server - OHS 1.0.2 - 10.x Severity Low Risk Category Bypass protected URLs via Webcache Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 200...
Mandrake Linux Security Advisory : ypserv (MDKSA-2003:072)
A vulnerability was found in versions of ypserv prior to version 2.7. If a malicious client were to query ypserv via TCP and subsequently ignore the server's response, ypserv will block attempting to send the reply. The result is that ypserv will fail to respond to other client requests. ypserv 2...