Lucene search
K

1939 matches found

UbuntuCve
UbuntuCve
added 2010/03/31 12:0 a.m.28 views

CVE-2010-1187

The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...

4.9CVSS5.9AI score0.00416EPSS
Exploits1References3
Saint
Saint
added 2010/02/17 12:0 a.m.31 views

Wireshark LWRES dissector buffer overflow

Added: 02/17/2010 CVE: CVE-2010-0304 BID: 37985 OSVDB: 61987 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshar...

7.5CVSS6.7AI score0.73666EPSS
Exploits12
Saint
Saint
added 2010/02/17 12:0 a.m.71 views

Wireshark LWRES dissector buffer overflow

Added: 02/17/2010 CVE: CVE-2010-0304 BID: 37985 OSVDB: 61987 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshar...

7.5CVSS6.7AI score0.73666EPSS
Exploits12
Positive Technologies
Positive Technologies
added 2010/02/10 12:0 a.m.4 views

PT-2010-2040 · Microsoft · Windows Vista +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2 Description: A remote code execution issue exists due to improper handling of local fragmentation of Encapsulating Security Payload ESP ov...

10CVSS7.7AI score0.48764EPSS
Exploits1References6
OSV
OSV
added 2010/02/04 8:15 p.m.1 views

DEBIAN-CVE-2010-0441

Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service daemon crash via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is 1 missing, 2 modified ...

5CVSS6.5AI score0.03377EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2010/01/17 12:0 a.m.6 views

Symantec Norton Firewall NBNS response Remote Heap Corruption (CVE-2004-0444)

When Symantec firewalls allow incoming UDP datagrams to port 137, any inbound UDP datagrams with a source port of 137 will be treated as NetBIOS Name Service messages and will be validated and parsed. The Symantec firewall product line is vulnerable to a remote heap corruption attack in the...

10CVSS7.6AI score0.12798EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/01/06 12:0 a.m.34 views

CentOS 5 : openssl (CESA-2009:1335)

Updated openssl packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure...

5CVSS6.9AI score0.80134EPSS
Exploits20References9
RedHat Linux
RedHat Linux
added 2009/09/30 2:54 p.m.3 views

kernel: udp socket NULL ptr dereference

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.8CVSS6.7AI score0.0718EPSS
Exploits18References4
OSV
OSV
added 2009/09/16 12:0 a.m.39 views

DSA-1888-1 openssl - cryptographic weakness

Bulletin has no description...

5.1CVSS6.8AI score0.04506EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/09/09 12:0 a.m.33 views

RedHat Security Advisory RHSA-2009:1335

The remote host is missing updates announced in advisory RHSA-2009:1335. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength general purpose cryptography library. Datagram TLS DTLS is a protocol based on...

5CVSS0.80134EPSS
Exploits20References2
RedHat Linux
RedHat Linux
added 2009/09/02 8:0 a.m.3 views

OpenSSL: DTLS fragment handling memory DoS

Multiple memory leaks in the dtls1processoutofseqmessage function in ssl/d1both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service memory consumption via DTLS records that 1 are duplicates or 2 have sequence numbers much greater than current sequenc...

5CVSS7AI score0.12746EPSS
Exploits12References4
RedHat Linux
RedHat Linux
added 2009/09/02 8:0 a.m.2 views

openssl: DTLS out-of-sequence message handling NULL deref DoS

The dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence DTLS handshake message, related to a "fragment bug."...

5CVSS6.7AI score0.10254EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/09/02 8:0 a.m.4 views

OpenSSL: DTLS pointer use-after-free flaw (DoS)

Use-after-free vulnerability in the dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service openssl sclient crash and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server tha...

5CVSS7AI score0.18241EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2009/08/27 8:0 p.m.3 views

kernel: udp socket NULL ptr dereference

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.8CVSS6.7AI score0.0718EPSS
Exploits18References4
RedHat Linux
RedHat Linux
added 2009/08/24 8:11 a.m.3 views

kernel: udp socket NULL ptr dereference

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.8CVSS6.7AI score0.0718EPSS
Exploits18References4
OSV
OSV
added 2009/05/19 7:30 p.m.3 views

DEBIAN-CVE-2009-1377

The dtls1bufferrecord function in ssl/d1pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service memory consumption via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."...

5CVSS9.1AI score0.11274EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.68 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/22 vulnerabilities (USN-659-1)

It was discovered that the direct-IO subsystem did not correctly validate certain structures. A local attacker could exploit this to cause a system crash, leading to a denial of service. CVE-2007-6716 It was discovered that the disabling of the ZEROPAGE optimization could lead to large memory...

9.3CVSS6.1AI score0.04353EPSS
Exploits16References13
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.235 views

Mandriva Linux Security Advisory : kernel (MDVSA-2008:112)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The Datagram Congestion Control Protocol DCCP subsystem in the Linux kernel 2.6.18, and probably other versions, does not properly check feature lengths, which might allow remote attackers to execute arbitrary code,...

7.2CVSS6.3AI score0.00556EPSS
Exploits8References10
Tenable Nessus
Tenable Nessus
added 2009/04/17 12:0 a.m.33 views

Fedora 9 : udev-124-4.fc9 (2009-3712)

udev provides a user-space API and implements a dynamic device directory, providing only the devices present on the system. udev replaces devfs in order to provide greater hot plug functionality. Netlink is a datagram oriented service, used to transfer information between kernel modules and...

7.2CVSS8.4AI score0.81528EPSS
Exploits12References5
Exploit DB
Exploit DB
added 2009/04/14 12:0 a.m.42 views

OpenBSD 4.5 - IP datagram Null Pointer Deref Denial of Service

import sys from scapy import victim=sys.argv1 icmpv6=58 p=IPdst=victim p.proto=icmpv6 srp,timeout=1 milw0rm.com 2009-04-14...

7.4AI score
Exploits0
Rows per page
Query Builder