5145 matches found
CVE-2007-2241
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function...
DEBIAN-CVE-2007-2241
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function...
CVE-2007-2241
Summary (CVE-2007-2241): An unspecified vulnerability in query.c of ISC BIND 9.4.0 and 9.5.0a1–9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) by issuing a crafted sequence of queries to the resolver. The issue is specifically tied to the qu...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service / source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger a...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This...
security flaw
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...
Moderate: Red Hat Security Advisory: bind security update
Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name Syste...
MOPB-02-2007:PHP Executor Deep Recursion Stack Overflow
Summary The first day of MoPB is dedicated to vulnerabilities that are already known but are not yet or will never be fixed. The next bug of this category is the problem that PHP does not protect against deep recursions. Whenever a PHP application goes into a very deep recursion it will crash whe...
MOPB-03-2007:PHP Variable Destructor Deep Recursion Stack Overflow
Summary The last vulnerability for today is similar to the second one. This time the bug is however a deep recursion bug in the Zend Engine variable destruction. User input is parsed in an iterative way which allows the creation of very deeply nested array structures from user input. However when...
PHP Executor Deep Recursion Stack Overflow
PMASA-2007-3 Announcement-ID: PMASA-2007-3 Date: 2007-03-02 Summary PHP Executor Deep Recursion Stack Overflow Description Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its...
PHP 4/5 - Executor Deep Recursion Remote Denial of Service
source: https://www.securityfocus.com/bid/22766/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker with permissions to execute PHP code on an affected computer may exploit this issue to crash PHP and kill all remaining...
SUSE-SA:2007:014: bind
The remote host is missing the patch for the advisory SUSE-SA:2007:014 bind. Two security problems were fixed in the ISC BIND nameserver version 9.3.4, which are addressed by this advisory: CVE-2007-0493: If recursion is enabled, a remote attacker can dereference a freed fetch context causing the...
CVE-2007-0006
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...
USN-410-1: poppler vulnerability
The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafted PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library. kpdf in Ubuntu 5.10, and KOffice i...
KDE kfile JPEG info plugin: Denial of service
Background The KDE kfile-info JPEG plugin provides meta-information about JPEG files. Description Marcus Meissner of the SUSE security team discovered a stack overflow vulnerability in the code processing EXIF information in the kfile JPEG info plugin. Impact A remote attacker could entice a user...
[ MDKSA-2006:227 ] - Updated kdegraphics packages fix EXIF vulnerability
Mandriva Linux Security Advisory MDKSA-2006:227 http://www.mandriva.com/security/ Package : kdegraphics Date : December 11, 2006 Affected: 2007.0, Corporate 3.0, Corporate 4.0 Problem Description: Stack overflow in the KFILE JPEG (kfile_jpeg) plugin in...
ClamAV antivirus DoS
High recursion of MIME parts causes antivirus to crash...
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursio...
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursio...
[SECURITY] [DSA 1155-2] New sendmail packages fix denial of service
Debian Security Advisory DSA 1155-2 http://www.debian.org/security/ Martin Schulze August 24th, 2006 http://www.debian.org/security/faq ...