286 matches found
Design/Logic Flaw
The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...
Null pointer dereference
The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a missing parameter to the 1 dm-FaultFile, 2 dm-LazyCheck, 3 dm-ResolvedFile, 4 dm-OpenFile, 5 crypto, and possibly unspecified other commands, which...
CVE-2008-1302
The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...
CVE-2008-1303
The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a missing parameter to the 1 dm-FaultFile, 2 dm-LazyCheck, 3 dm-ResolvedFile, 4 dm-OpenFile, 5 crypto, and possibly unspecified other commands, which...
CVE-2008-1302
The CVE-2008-1302 entry affects Perforce Server 2007.3/143793 and earlier, specifically the Perforce service (p4s.exe). The vulnerability arises when handling the server-DiffFile or server-ReleaseFile commands with a large integer value, which is used in an array initialization calculation and le...
CVE-2008-1303
The CVE-2008-1303 issue affects the Perforce Server (p4s.exe) up to 2007.3/143793. Affected component: Perforce service commands (dm-FaultFile, dm-LazyCheck, dm-ResolvedFile, dm-OpenFile, crypto, and possibly others). Root cause: missing parameter handling triggers a NULL pointer dereference, pro...
Perforce Proxy Server Detection
Binary data 4415.prm...
Perforce Server多个远程拒绝服务漏洞
BUGTRAQ ID: 28108 Perforce软件配置管理系统是客户端/服务器架构的SCM工具,用户可通过Perforce客户端软件访问其服务端。 如果客户端请求中缺少某些参数的话,由于Perforce服务器中从报文中获得这些值的函数对返回的指针缺少检查,因此可能会触发空指针引用。这个漏洞影响dm-FaultFile、dm-LazyCheck、dm-ResolvedFile、dm-OpenFile、crypto等命令。...
Perforce Client Detection
Binary data 4414.prm...
Perforce Server Version Detection
Binary data 4413.prm...
Multiple vulnerabilities in Perforce Server 2007.3/143793
Luigi Auriemma Application: Perforce Server http://www.perforce.com Versions: = 2007.3/143793 Platforms: Windows, Unix, Linux and Mac Bugs: NULL pointers, invalid memory access and endless loop Exploitation: remote Date: 05 Mar 2008 Author: Luigi Auriemma e-mail: [email protected] web:...
Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities
Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/28108/info Perforce Server is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to crash the affected application or cause excessive...
Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/28108/info Perforce Server is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to crash the affected application or cause excessive memory to be consumed, denying service to legitimate users. These issues...
Perforce Server Detection
The remote service is a Perforce server. Perforce is a commercial, proprietary revision control system, and a Perforce server manages a central database to track file versions and user activity. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Design/Logic Flaw
P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service CPU consumption via an HTTP request with an empty body and a Content-Length greater than 0...
CVE-2007-6349
P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service CPU consumption via an HTTP request with an empty body and a Content-Length greater than 0...
CVE-2007-6349
P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service CPU consumption via an HTTP request with an empty body and a Content-Length greater than 0...
CVE-2007-6349
CVE-2007-6349 affects Perforce P4Web 2006.2 and earlier on Windows. The issue is a denial-of-service caused by a crafted HTTP request with a non-empty Content-Length but an empty body, which drives P4Webs.exe to consume up to high CPU usage remotely (no authentication required). The Symantec advi...
Perforce revision control system DoS
HTTP request with empty boy and non-zero Content-Length causes CPU exhaustion...
SYMSA-2007-015
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2007-015 Advisory Title: Perforce P4Web Denial Of Service through resource starvation Author: Oliver Karow / [email protected] Release Date: 1...