OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...

Azeotech DAQFactory NETB Datagram Parsing Stack Buffer Overflow Vulnerability

Azeotech DAQFactory HMI/SCADA is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Solutions for Beast attack against SSL/TLS Vulnerability

Security Solutions for Beast attack against SSL/TLS Vulnerability Juliano Rizzo and Thai Duong presented a new attack on Transport Layer Security TLS at the Ekoparty security conference in Buenos Aires, Argentina. The researchers found that encryption, which should protect us, when we connect to...

kernel: dccp: handle invalid feature options length

Integer underflow in the dccpparseoptions function net/dccp/options.c in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol DCCP packet with an invalid feature options length, which triggers a buffer over-read...

CVE-2011-1770

CVE-2011-1770 affects the Linux kernel up to version 2.6.33.14, where an integer underflow in dccp_parse_options (net/dccp/options.c) can be triggered by a DCCP packet with an invalid feature options length, causing a buffer over-read and remote denial of service. The vulnerability is exploitable...

CVE-2011-1770

Integer underflow in the dccpparseoptions function net/dccp/options.c in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol DCCP packet with an invalid feature options length, which triggers a buffer over-read...

kernel: unlimited socket backlog DoS

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service memory consumption by sending a large amount of network traffic, as demonstrated by netperf UDP tests...

Debian DSA-2264-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2524 David Howells reported an issue in the Common...

kernel: dccp: handle invalid feature options length

Integer underflow in the dccpparseoptions function net/dccp/options.c in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol DCCP packet with an invalid feature options length, which triggers a buffer over-read...

kernel: dccp: fix oops on Reset after close

The dccprcvstateprocess function in net/dccp/input.c in the Datagram Congestion Control Protocol DCCP implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service NULL pointer dereference and OO...

kernel: BUG_ON() in rds_send_xmit()

The Reliable Datagram Sockets RDS subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service BUGON and system crash via vectors involving 1 a loopback aka loop transmit operation or 2 an InfiniBand aka ib...

kernel: dccp: fix oops on Reset after close

The dccprcvstateprocess function in net/dccp/input.c in the Datagram Congestion Control Protocol DCCP implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service NULL pointer dereference and OO...

kernel: dccp: fix oops on Reset after close

The dccprcvstateprocess function in net/dccp/input.c in the Datagram Congestion Control Protocol DCCP implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service NULL pointer dereference and OO...

OpenSSL DTLS ChangeCipherSpec Remote DoS

This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherspec Datagram before a ClientHello. This module requires Metasploit: https://metasploit.com/download Current source:...

Squid WCCP Message Receive Buffer Overflow (CVE-2005-0211)

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. An attacker can exploit this vulnerability to terminate the vulnerable product, creating a denial of service condition, or it can be exploited for code. A remote vulnerability was found in Squid web proxy/cache processes...

PT-2011-1072 · Suse +2 · Kernel-Kdumppae +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.38 kernel-kdumppae affected versions not specified Description: The issue is related to the Datagram Congestion Control Protocol DCCP implementation in the Linux kernel. Specifically, the dccp rcv state...

DEBIAN-CVE-2011-1002

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service infinite loop via an empty mDNS 1 IPv4 or 2 IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244...

kernel: iovec integer overflow in net/rds/rdma.c

Integer overflow in the rdsrdmapages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service crash and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets RDS request, which triggers a buffer overflow...

Integer overflow

Integer overflow in the rdscmsgrdmaargs function net/rds/rdma.c in Linux kernel 2.6.35 allows local users to cause a denial of service crash and possibly trigger memory corruption via a crafted Reliable Datagram Sockets RDS request, a different vulnerability than CVE-2010-3865...

CVE-2010-3865

Integer overflow in the rdsrdmapages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service crash and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets RDS request, which triggers a buffer overflow...