Lucene search
K

1939 matches found

OSV
OSV
added 2014/08/07 12:0 a.m.7 views

UBUNTU-CVE-2014-3505

Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service application crash via crafted DTLS packets that trigger an error condition...

5CVSS6.7AI score0.4334EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/08/06 2:52 p.m.4 views

openssl: DoS when sending invalid DTLS handshake

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash...

4.3CVSS6.6AI score0.87892EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/07/29 3:51 p.m.1 views

kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()

A NULL pointer dereference flaw was found in the rdsiwladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...

4.7CVSS6.2AI score0.00403EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/07/29 3:51 p.m.5 views

kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()

A NULL pointer dereference flaw was found in the rdsibladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...

4.7CVSS6.6AI score0.00476EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/07/23 4:4 p.m.1 views

kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()

A NULL pointer dereference flaw was found in the rdsiwladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...

4.7CVSS6.2AI score0.00403EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/07/23 4:4 p.m.62 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

4.7CVSS6.1AI score0.00684EPSS
Exploits1References3
0day.today
0day.today
added 2014/07/01 12:0 a.m.114 views

OpenSSL DTLS Fragment Buffer Overflow DoS Exploit

This module performs a Denial of Service Attack against Datagram TLS in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. This occurs when a DTLS ClientHello message has multiple fragments and the fragment lengths of later fragments are larger than that of the first, a buffer...

7.4AI score0.99977EPSS
Exploits4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

StarSiege Tribes Server Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8184/info StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability. The issue presents itself when the affected server receives and processes a malformed UDP datagram...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

StarSiege Tribes Server Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8184/info StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability. The issue presents itself when the affected server receives and processes a malformed UDP datagram...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/580/info Certain Linux kernels in the 2.0.3x range are susceptible to blind TCP spoofing attacks due to the way that the kernel handles invalid ack sequence numbers, and the way it assigns IDs to outgoing IP datagrams. Fo...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit

No description provided by source. import sys from scapy import victim=sys.argv1 icmpv6=58 p=IPdst=victim p.proto=icmpv6 srp,timeout=1 milw0rm.com 2009-04-14...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Nortel Networks UNIStim IP Softphone 2050 RTCP Port Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26118/info Nortel Networks UNIStim IP Softphone is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.47 views

OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS

No description provided by source. / cve-2009-1378.c OpenSSL = 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1processoutofseqmessage the check if the...

5CVSS0.1AI score0.12746EPSS
Exploits12
Positive Technologies
Positive Technologies
added 2014/06/26 12:0 a.m.11 views

PT-2017-6406 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.2 Description: A race condition in the ip4 datagram release cb function allows local users to gain privileges or cause a denial of service use-after-free by leveraging incorrect expectations about locking...

7.8CVSS6.9AI score0.08103EPSS
Exploits0References215
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.51 views

openSUSE Security Update : kernel (openSUSE-SU-2012:0206-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used...

7.8CVSS6.5AI score0.05573EPSS
Exploits6References27
Snyk
Snyk
added 2014/06/11 2:55 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The partprecv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service assertion failure and abort via an empty UDP packet...

3.5CVSS6.8AI score0.01457EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2014/06/10 8:44 p.m.4 views

kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()

A NULL pointer dereference flaw was found in the rdsibladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...

4.7CVSS6.6AI score0.00476EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/06/10 12:23 p.m.7 views

openssl: Buffer overflow via DTLS invalid fragment

The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow a...

6.8CVSS7.2AI score0.99977EPSS
Exploits4References5
Metasploit
Metasploit
added 2014/06/07 7:56 p.m.32 views

OpenSSL DTLS Fragment Buffer Overflow DoS

This module performs a Denial of Service Attack against Datagram TLS in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. This occurs when a DTLS ClientHello message has multiple fragments and the fragment lengths of later fragments are larger than that of the first, a buffer...

6.8CVSS7.8AI score0.99977EPSS
Exploits4
OSV
OSV
added 2014/06/05 9:55 p.m.2 views

DEBIAN-CVE-2014-0195

The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow a...

6.8CVSS9.7AI score0.99977EPSS
Exploits4References1
Rows per page
Query Builder