443 matches found
Samba 'fd_open_atomic infinite loop' DoS Vulnerability (CVE-2017-9461)
Samba is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...
CVE-2017-9461
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability fdopenatomic infinite loop with high CPU usage and memory consumption due to wrongly handling dangling symlinks...
CVE-2017-1000361
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...
April 18, 2017—KB4015553 (Preview of Monthly Rollup)
None None...
CVE-2017-3820
A vulnerability in Simple Network Management Protocol SNMP functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a...
CVE-2017-3820
CVE-2017-3820 affects Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE (releases 3.13.6S, 3.16.2S, or 3.17.1S). The vulnerability arises from an incorrect initialized variable in SNMP handling, allowing an authenticated, remote attacker to trigger high CPU usage and DoS via...
StreamProcess.exe is consuming high CPU spike on PVS Servers.
The Streamprocess.exe was consuming high CPU on the PVS servers. The Perfmon suggested sustained spike in Kernel mode and process dumps revealed that we were waiting for the Packet Send & Receive...
Ovs-vswitchd daemon showing high CPU usage
XenServer 6.5 SP1 heavy IO traffic/ CPU utilization with open vswitch technology. Ovs-vswitchd daemon running on the XS was showing high CPU usage and performance tab shows heavy CPU usage...
Multiple Denial of Service Vulnerabilities in Wireshark (CNVD-2016-07477)
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from multiple denial-of-service vulnerabilities that allow attackers t...
Red Hat OpenShift Enterprise Denial of Service Vulnerability
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, U.S. OpenShift Enterprise is an open source version of the private cloud. A denial of service vulnerability exists in Negotiator in Red Hat OpenShift Enterprise versions 3.1 and 3.2, which can be exploited by...
nodejs-minimatch: Regular expression denial-of-service
A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU...
BusyBox 'networking/ntpd.c' Remote Denial of Service Vulnerability
BusyBox is an executable implementation of many standard Linux tools. A remote denial of service vulnerability exists in BusyBox 'networking/ntpd.c'. An attacker can exploit the vulnerability to cause an application to enter an infinite loop and consume excessive CPU resources, resulting in a...
Cisco Aironet SSHv2 Handling Denial of Service Vulnerability
Cisco Aironet is a wireless access point product from Cisco. A security vulnerability exists in Cisco Aironet that allows remote attackers to exploit the vulnerability to submit an excessive number of SSHv2 connections, consume a large amount of the device's CPU, and conduct denial of service...
Wireshark 1.10.x < 1.10.14 / 1.12.x < 1.12.5 Multiple DoS Vulnerabilities
The version of Wireshark installed on the remote Windows host is 1.10.x prior to 1.10.14, or 1.12.x prior to 1.12.5. It is, therefore, affected by various denial of service vulnerabilities in the following items : - LBMR dissector CVE-2015-3808, CVE-2015-3809 - WebSocket dissector CVE-2015-3810 -...
libxml2: denial of service via recursive entity expansion
A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service bas...
wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)
REJECTED CVE A denial of service flaw was found in the way RTCP dissector of Wireshark, a network traffic analyzer, performed dissection of certain RTCP packet capture files. A remote attacker could provide a specially-crafted RTCP packet / packet capture that, once processed, would lead to...
Apache CXF Denial of Service Vulnerabilities Patched
The Apache Software Foundation has patched a denial of service vulnerability in the XML parser of the Apache CXF Web services framework. Researchers, Andreas Falkenberg from Sec Consult Vulnerability Labs, and Christian Mainka, Juraj Somorovsky, and Joerg Schwenk from Ruhr-University Bochum,...
RedHat Update for php RHSA-2011:0195-01
Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2011:0195-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
RHEL 4 : glibc (RHSA-2012:0125)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0125 advisory. - glibc: tzfileread integer overflow to buffer overflow CVE-2009-5029 - glibc: ldd unexpected code execution issue CVE-2009-5064 - glibc:...
RHEL 6 : glibc (RHSA-2012:0058)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0058 advisory. - glibc: tzfileread integer overflow to buffer overflow CVE-2009-5029 - glibc: svcrun produces high cpu usage when accept fails with EMFILE...