bind: TCP Pipelining doesn't limit TCP clients on a single connection

A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...

Amazon Linux AMI : libtirpc (ALAS-2020-1362)

The version of libtirpc installed on the remote host is prior to 0.2.4-0.16.15. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1362 advisory. A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefdxprt was n...

Denial Of Service (DoS)

samba is vulnerable to denial of service. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" values, resulting in the Samba server smbd crashing...

Denial Of Service (DoS)

The kernel-rt package is vulnerable to denial of service DoS. A deficiency in the fasynchelper implementation allows a local, unprivileged user to leverage a use-after-free of locked, asynchronous file descriptors to cause a denial of service or privilege escalation...

Use-after-Free

The kernel package is vulnerable to Use-after-Free. A deficiency in the fasynchelper implementation allows a local, unprivileged user to leverage a use-after-free of locked, asynchronous file descriptors to cause a denial of service or privilege escalation...

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists as the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to...

CVE-2019-6477

A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...

dpdk: possible memory leak leads to denial of service

A flaw was found in dpdk where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-1641)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-1664)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2019-1061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-1730)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2040)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : dpdk (EulerOS-SA-2019-2688)

According to the version of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious...

EulerOS 2.0 SP3 : sendmail (EulerOS-SA-2019-2661)

According to the version of the sendmail packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXE...

CVE-2014-0212

qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...

Design/Logic Flaw

qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...

CVE-2014-0212

CVE-2014-0212 concerns qpid-cpp: ACL policies are only loaded when the acl-file option is specified, which can enable a Denial of Service by exhausting all available file descriptors. The connected documents confirm the root cause is loading/processing ACL policies contingent on a missing/omitted...

CVE-2014-0212

qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...

CVE-2019-14818

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file...