TS-2007-001-0: BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability

Template Security Security Advisory ----------------------------------- BlueCat Networks Adonis Linux-HA heartbeat DoS Vulnerability Date: 2007-07-29 Advisory ID: TS-2007-001-0 Vendor: BlueCat Networks, http://www.bluecatnetworks.com/ Revision: 0 Contents -------- Summary Software Version Details...

DEBIAN-CVE-2007-2297

The SIP channel driver chansip in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service crash...

CVE-2007-1170

SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends 1.1.0.0 and earlier, GTR 2 1.1 and earlier, and RACE - The WTCC Game 1.0 and earlier allow remote attackers to cause a denial of service client disconnection via an empty UDP packet to the server port...

DEBIAN-CVE-2006-6858

Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client...

CVE-2006-3393

Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2.0.1 and earlier allows remote attackers to cause a denial of service CPU consumption by sending an empty UDP datagram, which is not properly discarded due to use of the FIONREAD asynchronous socket...

CVE-2006-3393

Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season 1.1.0.2 and earlier, and 2003 Season 1.2.0.1 and earlier allows remote attackers to cause a denial of service CPU consumption by sending an empty UDP datagram, which is not properly discarded due to use of the FIONREAD asynchronous socket...

CVE-2006-2413

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an empty UDP datagram, possibly involving FIONREAD errors...

Code injection

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an empty UDP datagram, possibly involving FIONREAD errors...

CVE-2006-2413

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an empty UDP datagram, possibly involving FIONREAD errors...

CVE-2006-2413

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an empty UDP datagram, possibly involving FIONREAD errors...

DEBIAN-CVE-2006-2413

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an empty UDP datagram, possibly involving FIONREAD errors...

CVE-2006-2413

CVE-2006-2413 affects GNUnet prior to SVN revision 2781. The vulnerability allows remote attackers to trigger a denial of service (infinite loop and CPU consumption) by sending an empty UDP datagram, possibly involving FIONREAD errors. The available documents describe the root cause as an issue i...

TFTPD overflow

The remote TFTP server dies when it receives a too big UDP datagram. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TFTPD small overflow

The remote TFTP server dies when it receives a small UDP datagram. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only This plugin is just a...

CVE-2004-2449

Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service application crash via a long, malformed UDP datagram...

dhcpcd DHCP client DoS

Size conformance between datagrame size and data size is not controlled...

CVE-2005-0852

Microsoft Windows XP SP1 allows local users to cause a denial of service system crash via an empty datagram to a raw IP over IP socket IP protocol 4, as originally demonstrated using code in Python 2.3...

Debian DSA-651-1 : squid - buffer overflow, integer overflow

Several vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures Project identifies the following vulnerabilities : - CAN-2005-0094 'infamous41md' discovered a buffer overflow in the parser for Gopher responses...

CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS

The target is running a CUPS server that supports browsing of network printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing feature can be disabled by sending an empty UDP datagram to the CUPS server. %NASLMINLEVEL 70300 This script was written ...

[SECURITY] [DSA 545-1] New cupsys packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 545-1 [email protected] http://www.debian.org/security/ Martin Schulze September 15th, 2004 http://www.debian.org/security/faq -...