575 matches found
DEBIAN-CVE-2015-1546
Double free vulnerability in the getvrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control...
CVE-2014-8248
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query...
Sql injection
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query...
ISC BIND NSEC3-Signed Zones Queries Processing Denial of Service (CVE-2014-0591)
A denial of service vulnerability exists in ISC BIND. The vulnerability is due to a failure to handle queries for NSEC3-signed zones. A remote attacker may exploit this vulnerability by sending a specially crafted query...
bind: named crash when handling malformed NSEC3-signed zones
A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NSEC3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash...
CVE-2013-3868
Microsoft Active Directory Lightweight Directory Service AD LDS on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service LDAP...
PT-2013-4701 · Microsoft · Windows Server 2012 +6
Name of the Vulnerable Software and Affected Versions: Microsoft Active Directory Lightweight Directory Service AD LDS versions on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 Active Directory Services versions on Windows Server 2008 SP2 and R2 SP1 and Serve...
DEBIAN-CVE-2013-4995
Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information...
bind -- denial of service vulnerability
ISC reports: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query...
MS13-032: Vulnerability in Active Directory Could Lead to Denial of Service (2830914)
The version of Active Directory installed on the remote host is affected by a denial of service vulnerability. A remote, authenticated attacker can exploit this flaw by sending a specially crafted query to the LDAP service that could cause the LDAP service to stop responding.
FreeBSD : FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query (4671cdc9-7c6d-11e2-809b-6c626d99876c)
Problem description: Due to a software defect a crafted query can cause named(8) to crash with an assertion failure...
FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query
Problem description: Due to a software defect a crafted query can cause named(8) to crash with an assertion failure...
bind: DoS on servers using DNS64
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query...
DEBIAN-CVE-2012-5688
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query...
dns/bind9* -- servers using DNS64 can be crashed by a crafted query
ISC reports: BIND 9 nameservers using the DNS64 IPv6 transition mechanism are vulnerable to a software defect that allows a crafted query to crash the server with a REQUIRE assertion failure. Remote exploitation of this defect can be achieved without extensive effort, resulting in a...
CVE-2009-0695
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action...
Heap overflow
Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbitrary code via a crafted DNS query that uses compression...
CVE-2011-3406
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
Sql injection
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...