Lucene search
K

63 matches found

CVE
CVE
added 2020/12/26 4:30 a.m.106 views

CVE-2020-35359

Affected software: Pure-FTPd 1.0.48. Issue: Remote attackers can trigger a denial-of-service by opening enough concurrent connections to exceed the server’s connection limit, preventing legitimate clients from connecting. Root cause: Depletion of available connections due to excessive parallel co...

7.5CVSS7.5AI score0.04744EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/12/26 12:0 a.m.8 views

PT-2020-17314

Name of the Vulnerable Software and Affected Versions Pure-FTPd version 1.0.48 Description The issue allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit. Recommendations For Pure-FTPd version 1.0.48, consider increasing the connecti...

7.5CVSS6.5AI score0.04744EPSS
Exploits1References9
CNVD
CNVD
added 2019/11/21 12:0 a.m.1 views

BIND has a flawed logic vulnerability

BIND is the United States ISC company's set of open source software that implements the DNS protocol. BIND has a logic flaw vulnerability that can be exploited by an attacker to bypass the TCP connection count limit via a TCP-pipelined query, resulting in a denial of service...

7.5CVSS7.6AI score0.04022EPSS
Exploits0
OSV
OSV
added 2019/10/09 4:15 p.m.2 views

ALPINE-CVE-2018-5743

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of...

7.5CVSS6.9AI score0.06404EPSS
Exploits0References1
OSV
OSV
added 2019/10/09 4:15 p.m.2 views

DEBIAN-CVE-2018-5743

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of...

7.5CVSS7.2AI score0.06404EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/29 12:9 p.m.19 views

CVE-2019-15784

Secure Reliable Transport SRT through 1.3.4 has a CSndUList array overflow if there are many SRT connections...

9.6AI score0.01973EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/05/13 5:5 a.m.10 views

bind: Limiting simultaneous TCP clients is ineffective

A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...

7.5CVSS7.2AI score0.06404EPSS
Exploits0References5
OSV
OSV
added 2019/04/10 8:29 p.m.2 views

CVE-2019-0039

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password...

8.1CVSS5.8AI score0.01285EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/04/10 12:0 a.m.8 views

PT-2019-2085 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 14.1X53-D49 Junos OS versions prior to 15.1F6-S12 Junos OS versions prior to 15.1R7-S3 Junos OS versions prior to 15.1X49-D160 Junos OS versions prior to 15.1X53-D236 Junos OS versions prior to 15.1X53-D495 Junos OS...

8.1CVSS5.5AI score0.01285EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/04/16 12:0 a.m.75 views

AIX OpenSSH Advisory : openssh_advisory2.asc

The version of OpenSSH running on the remote host is affected by a denial of service vulnerability. The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a deni...

7.5CVSS6.5AI score0.1651EPSS
Exploits1References3
OSV
OSV
added 2013/03/07 8:55 p.m.8 views

CVE-2010-5107

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service connection-slot exhaustion by periodically making many new TCP connections...

6.3AI score
Exploits0References12
OpenVAS
OpenVAS
added 2012/09/22 12:0 a.m.25 views

RedHat Update for qpid RHSA-2012:1269-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.5AI score0.04236EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/09/21 12:0 a.m.29 views

Scientific Linux Security Update : qpid on SL6.x i386/x86_64 (20120919)

Apache Qpid is a reliable, cross-platform, asynchronous messaging system that supports the Advanced Message Queuing Protocol AMQP in several common programming languages. It was discovered that the Qpid daemon qpidd did not allow the number of connections from clients to be restricted. A maliciou...

5CVSS5.5AI score0.04236EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2012/09/19 5:19 p.m.33 views

Moderate: Red Hat Security Advisory: qpid security, bug fix, and enhancement update

Updated qpid packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whic...

5CVSS5.8AI score0.04236EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2012/08/15 12:0 a.m.24 views

GNU gatekeeper -- denial of service

Jan Willamowius reports: GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service connection and thread consumption via a large number of connections...

5CVSS6.2AI score0.03871EPSS
Exploits0References3
Prion
Prion
added 2012/05/03 8:55 p.m.20 views

Code injection

Cisco Adaptive Security Appliances ASA 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service connection limit exceeded by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID...

7.8CVSS7.3AI score0.01328EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/01/05 12:0 a.m.91 views

Wordpress <= 2.x dictionnary & Bruteforce attack

Source code !usr/bin/python Flaw found on Wordpress that allow Dictionnary & Bruteforce attack Greetz goes to : NeoMorphS, Tiky Vendor : http://wordpress.org/ Found by : Kad [email protected] / [email protected] import urllib , urllib2, sys, string tab = "sss" string.asciiletters,...

Exploits0
CERT
CERT
added 2004/12/10 12:0 a.m.15 views

Remote Execute vulnerable to denial-of-service

Overview Remote Execute cannot handle more than seven connections simultaneously. If more than seven connections are attempted, Remote Execute will crash, resulting in a denial-of-service condition. Description Remote Execute is a network administration tool for the Windows platform that allows...

6.7AI score
Exploits0References2
securityvulns
securityvulns
added 2003/04/18 12:0 a.m.33 views

rinetd DoS

Setting more than 64 connection could cause server to fail...

1.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/04/09 12:0 a.m.60 views

iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 04.08.03: http://www.idefense.com/advisory/04.08.03.txt Denial of Service in Apache HTTP Server 2.x April 8, 2003 I. BACKGROUND The Apache Software Foundation's HTTP Server Project is an effort to develop and maintain an...

5CVSS0.86677EPSS
Exploits1
Rows per page
Query Builder