97 matches found
CVE-2019-7231
The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an exception that...
Buffer Overflow
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Integer Overflows
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Memory corruption
In Eclipse Wakaama formerly liblwm2m 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking wasting 24 bytes of memory. This can lead to termination of the LWM2M server after...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...
Security Bulletin: IBM® DB2® LUW contains a vulnerability in which an ALTER TABLE statement may cause the DB2 server to terminate abnormally when AUTO_REVAL is set to IMMEDIATE . (CVE-2014-6159)
Summary IBM DB2 contains a vulnerability in which an ALTER TABLE statement may cause the DB2 server to terminate abnormally when AUTOREVAL is set to IMMEDIATE . This could result in a DB2 server crash; if so, the server would need to be restarted. Vulnerability Details CVE ID: CVE-2014-6159...
Security Bulletin: IBM® DB2® LUW contains a vulnerability in which an ALTER TABLE statement may cause the DB2 server to terminate abnormally. (CVE-2014-6097)
Summary IBM DB2 LUW contains a vulnerability in which an ALTER TABLE statement may cause the DB2 server to terminate abnormally. This could result in a DB2 server crash and require that the server be restarted Vulnerability Details CVE ID: CVE-2014-6097 DESCRIPTION: IBM DB2 V9.7 and V9.8 contain ...
Design/Logic Flaw
In Schneider Electric ClearSCADA 2014 R1 build 75.5210 and prior, 2014 R1.1 build 75.5387 and prior, 2015 R1 build 76.5648 and prior, and 2015 R2 build 77.5882 and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to...
ETX-R vulnerable to denial-of-service (DoS)
Overview ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a denial-of-service DoS vulnerability. Junichi MURAKAMI of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
IBM Db2 Multiple Denial of Service Vulnerabilities
IBM Db2 is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2";...
Moderate: Red Hat Security Advisory: X11 client libraries security, bug fix, and enhancement update
Updated X11 client libraries packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
Pragma TelnetServer 7.0.4.589 NULL-Pointer Dereference Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27143/info Pragma TelnetServer is prone to a denial-of-service vulnerability because it fails to adequately handle certain telnet options. Attackers can leverage this issue to terminate the server and cause...
Buffer overflow
Buffer overflow in the idnsALookup function in dnsinternal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service memory corruption and server termination via a long name in a DNS lookup request...
CVE-2013-4115
CVE-2013-4115 : Buffer overflow in the idnsALookup function of Squid’s DNS lookup (dns_internal.cc) affects Squid 3.2–3.2.11 and 3.3–3.3.6, enabling a remote attacker to trigger memory corruption and cause a denial of service via a long DNS name. Connected advisories confirm affected products and...
CVE-2013-4115
Buffer overflow in the idnsALookup function in dnsinternal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service memory corruption and server termination via a long name in a DNS lookup request...
FreeBSD : dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory (1ecc0d3f-ae8e-11e1-965b-0024e88a8c98)
ISC reports : Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary server...
dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory
ISC reports: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers...
Debian Security Advisory DSA 1833-2 (dhcp3)
The remote host is missing an update to dhcp3 announced via advisory DSA 1833-2. OpenVAS Vulnerability Test $Id: deb18332.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1833-2 dhcp3 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...