323 matches found
Scientific Linux Security Update : curl on SL3.x i386/x86_64
Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Note: This issue...
Scientific Linux Security Update : curl on SL4.x i386/x86_64
Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Note: This issue...
Scientific Linux Security Update : httpd on SL5.x i386/x86_64
A flaw was discovered in the way the modproxy module of the Apache HTTP Server handled the timeouts of requests forwarded by a reverse proxy to the back-end server. If the proxy was configured to reuse existing back-end connections, it could return a response intended for another user under certa...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
libpng: excessive memory consumption due to highly compressed huge ancillary chunk
The pngdecompresschunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of...
RHEL 5 : curl (RHSA-2010:0273)
Updated curl packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
GNU gzip LZH Decompression make_table Stack Modification (CVE-2006-4335)
GNU gzip is a popular compression and decompression utility that ships with all standard Linux distributions, as well as commercial Unix-based operating systems. The utility can create and decompress files which are stored using the DEFLATE algorithm. In addition to the algorithm used in the...
Adobe Acrobat Bundled LibTIFF Integer Overflow
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class...
Design/Logic Flaw
The pngdecompresschunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of...
apache mod-deflate 2.2.11 拒绝服务漏洞
No description provided by source...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
MSIE Content-Encoding: Deflate Memory Corruption
MSIE Content-Encoding: deflate memory corruption vulnerability a.k.a. MSRC 8769, MS09-054, CVE-2009-1547, “Data Stream Header Corruption Vulnerability” Microsoft fixed a bug in Internet Explorer’s “Content-Encoding:deflate” implementation. Here are two HTTP replies that trigger the bug:...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
CVE-2009-1891
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
DEBIAN-CVE-2009-1891
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
httpd: possible temporary DoS (CPU consumption) in mod_deflate
The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...
[Full-disclosure] EEYE: Internet Explorer Compressed Content URL Heap Overflow Vulnerability
Internet Explorer Compressed Content URL Heap Overflow Vulnerability Release Date: August 24, 2006 Date Reported: August 17, 2006 Severity: High Code Execution Systems Affected: Internet Explorer 6 SP1 with MS06-042 - Windows 2000 Internet Explorer 6 SP1 with MS06-042 - Windows XP SP1 Overview:...