OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2017:2424)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

MGASA-2017-0233 Updated java-1.8.0-openjdk packages fix security vulnerabilities

It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application CVE-2017-10102. Multiple flaws were discovere...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)

It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...

ISC BIND Referral CNAME and DNAME Assertion Failure Denial of Service (CVE-2017-3137)

A denial of service vulnerability exists in ISC BIND9. The vulnerability is due to improper handling of responses containing CNAME and DNAME records after receiving a referral. A remote attacker could exploit this vulnerability by providing two specially crafted responses to the server...

bind: delegation handling denial of service

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash...

Oracle: Security Advisory (ELSA-2010-0198)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-201502-03 : BIND: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201502-03 BIND: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can cause a denial of service condition by...

BIND: Multiple Vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause a denial of service condition by the lack of GeoIP databases, or vi...

bind: delegation handling denial of service

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash...

bind: delegation handling denial of service

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash...

DEBIAN-CVE-2014-8602

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals...

CVE-2014-8602

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals...

DEBIAN-CVE-2014-8500

ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory consumption and named crash via a large or infinite number of referrals...