145 matches found
CVE-2018-5379
The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...
WordPress Payment Form for PayPal Pro Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Payment Form for PayPal Pro plugin is used in one of the payment plugin. WordPress Payment Form for PayPal Pro...
Command injection
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service device reload by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and...
DEBIAN-CVE-2016-6170
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service secondary DNS server crash via a large AXFR response, and possibly allows IXFR servers to cause a denial of service IXFR client crash via a large IXFR response...
CVE-2016-6170
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service secondary DNS server crash via a large AXFR response, and possibly allows IXFR servers to cause a denial of service IXFR client crash via a large IXFR response...
Code injection
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service secondary DNS server crash via a large AXFR response, and possibly allows IXFR servers to cause a denial of service IXFR client crash via a large IXFR response...
Juniper Networks Junos OS BGP 'family l2vpn' UPDATE Denial of Service Vulnerability
Juniper Networks Junos OS is a network operating system dedicated to the company's hardware systems. A security vulnerability in Juniper Networks Junos OS using BGP based L2VPN and VPLS configuration allows remote attackers to conduct denial of service attacks by submitting a BGP 'family l2vpn'...
CVE-2014-0616
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R4-S2, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows remote attackers ...
Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability
A vulnerability in the Border Gateway Protocol BGP functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause all BGP sessions on the device to reset. The vulnerability is due to the improper processing of specifically crafted BGP update messages. An attacker...
Code injection
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service BGP service reset and resync via a malformed UPDATE message, aka Bug ID CSCtn13065...
CVE-2012-4099
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service BGP service reset and resync via a malformed UPDATE message, aka Bug ID CSCtn13065...
CVE-2012-4098
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service BGP service reset and resync via a malformed UPDATE message, aka Bug ID CSCtn13055...
Code injection
The XML parser in the Cisco Jabber IM application for Android allows remote authenticated users to cause a denial of service blocked connection by leveraging an entry on a Buddy list and sending a crafted XMPP presence update message, aka Bug ID CSCue38383...
(bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
Heap-based buffer overflow in the ecommunityecom2str function in bgpecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4...
CVE-2012-2416
chansip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service daemon crash by sending a SIP UPDATE...
DEBIAN-CVE-2012-2416
chansip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service daemon crash by sending a SIP UPDATE...
CVE-2012-2416
chansip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service daemon crash by sending a SIP UPDATE...
CVE-2011-3327
Heap-based buffer overflow in the ecommunityecom2str function in bgpecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4...
(bgpd): DoS (crash) while processing certain BGP update AS path messages
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unknown AS type in an AS path attribute in a BGP UPDATE message...
Null pointer dereference
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unknown AS type in an AS path attribute in a BGP UPDATE message...