1939 matches found
UBUNTU-CVE-2014-3505
Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service application crash via crafted DTLS packets that trigger an error condition...
openssl: DoS when sending invalid DTLS handshake
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash...
kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
A NULL pointer dereference flaw was found in the rdsiwladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...
kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()
A NULL pointer dereference flaw was found in the rdsibladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...
kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
A NULL pointer dereference flaw was found in the rdsiwladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
OpenSSL DTLS Fragment Buffer Overflow DoS Exploit
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. This occurs when a DTLS ClientHello message has multiple fragments and the fragment lengths of later fragments are larger than that of the first, a buffer...
StarSiege Tribes Server Denial of Service Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8184/info StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability. The issue presents itself when the affected server receives and processes a malformed UDP datagram...
StarSiege Tribes Server Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8184/info StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability. The issue presents itself when the affected server receives and processes a malformed UDP datagram...
Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/580/info Certain Linux kernels in the 2.0.3x range are susceptible to blind TCP spoofing attacks due to the way that the kernel handles invalid ack sequence numbers, and the way it assigns IDs to outgoing IP datagrams. Fo...
OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit
No description provided by source. import sys from scapy import victim=sys.argv1 icmpv6=58 p=IPdst=victim p.proto=icmpv6 srp,timeout=1 milw0rm.com 2009-04-14...
Nortel Networks UNIStim IP Softphone 2050 RTCP Port Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26118/info Nortel Networks UNIStim IP Softphone is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory...
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
No description provided by source. / cve-2009-1378.c OpenSSL = 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1processoutofseqmessage the check if the...
PT-2017-6406 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.2 Description: A race condition in the ip4 datagram release cb function allows local users to gain privileges or cause a denial of service use-after-free by leveraging incorrect expectations about locking...
openSUSE Security Update : kernel (openSUSE-SU-2012:0206-1)
The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. The partprecv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service assertion failure and abort via an empty UDP packet...
kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()
A NULL pointer dereference flaw was found in the rdsibladdrcheck function in the Linux kernel's implementation of Reliable Datagram Sockets RDS. A local, unprivileged user could use this flaw to crash the system...
openssl: Buffer overflow via DTLS invalid fragment
The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow a...
OpenSSL DTLS Fragment Buffer Overflow DoS
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. This occurs when a DTLS ClientHello message has multiple fragments and the fragment lengths of later fragments are larger than that of the first, a buffer...
DEBIAN-CVE-2014-0195
The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow a...