1723 matches found

RedHat Linux
added 2016/11/03 8:12 a.m. · 1 views

tomcat: non-persistent DoS attack by feeding data by aborting an upload

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server from being made...

CVSS 7.8 · AI score 6.6 · EPSS 0.20318
Exploits 0 · References 7
RedHat Linux
added 2016/11/03 8:8 a.m. · 4 views

kernel: infiniband: Kernel crash by sending ABORT_TASK command

Systems using the infiniband support module ibsrpt were vulnerable to a denial of service through a system crash caused by a local attacker who is able to abort writes to a device using this initiator...

CVSS 5.5 · AI score 6.8 · EPSS 0.00388
Exploits 0 · References 4
RedHat Linux
added 2016/11/03 8:6 a.m. · 6 views

kernel: infiniband: Kernel crash by sending ABORT_TASK command

Systems using the infiniband support module ibsrpt were vulnerable to a denial of service through a system crash caused by a local attacker who is able to abort writes to a device using this initiator...

CVSS 5.5 · AI score 6.8 · EPSS 0.00388
Exploits 0 · References 4
CNVD
added 2016/11/03 12:0 a.m. · 1 views

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2016-10573)

Freefloat FTP Server is a free software package for uploading files and managing wired and wireless devices from the Swedish company Freefloat. A buffer overflow vulnerability exists in version 1.0 of FreeFloat FTP Server. A remote attacker can exploit this vulnerability to execute arbitrary code...

AI score 8.1
Exploits 0 · References 1
OSV
added 2016/10/16 9:59 p.m. · 1 views

DEBIAN-CVE-2016-6327

drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation...

CVSS 5.5 · AI score 7.3 · EPSS 0.00388
Exploits 0 · References 1
Tenable Nessus
added 2016/09/28 12:0 a.m. · 20 views

openSUSE Security Update : bind (openSUSE-2016-1133)

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort (CVE-2016-2776, bsc1000362). This update was imported from the SUSE:SLE-12-SP1:Update update project...

CVSS 7.8 · AI score 7.4 · EPSS 0.89482
Exploits 7 · References 2
Xen Project
added 2016/06/03 9:47 a.m. · 49 views

arm: Host crash caused by VMID exhaustion

ISSUE DESCRIPTION: VMIDs are a finite hardware resource, and allocated as part of domain creation. If no free VMIDs are available when trying to create a new domain, a bug in the error path causes a NULL pointer to be used, resulting in a Data Abort and host crash. IMPACT: Attempting to create too...

CVSS 5.6 · AI score 1.8 · EPSS 0.00342
Exploits 0 · Affected Software 1
Mageia
added 2016/05/13 9:54 p.m. · 67 views

Updated ntp packages fix security vulnerabilities

Updated ntp packages fix security vulnerabilities: It is possible to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. An attacker can spoof a packet from a legitimate ntpd server with an origin...

CVSS 7.2 · AI score 1.6 · EPSS 0.15201
Exploits 4 · References 5
Exploit DB
added 2016/04/29 12:0 a.m. · 29 views

Wireshark - alloc_address_wmem Assertion Failure

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an assertion failure can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark ("$ ./tshark -nVxr /path/to/file"): --- cut ---...

AI score 7
Exploits 0
Positive Technologies
added 2016/04/13 12:0 a.m. · 11 views

PT-2016-6829 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.1. Description: The issue allows local users to cause a denial of service, resulting in a NULL pointer dereference and system crash. This can be achieved by using an ABORT TASK command to abort a device write...

CVSS 10 · AI score 7.3 · EPSS 0.89063
Exploits 258 · References 520
RedHat Linux
added 2016/04/05 10:20 p.m. · 4 views

tomcat: non-persistent DoS attack by feeding data by aborting an upload

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server from being made...

CVSS 7.8 · AI score 6.6 · EPSS 0.20318
Exploits 0 · References 7
RedHat Linux
added 2016/04/05 8:37 p.m. · 1 views

tomcat: non-persistent DoS attack by feeding data by aborting an upload

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server from being made...

CVSS 7.8 · AI score 6.6 · EPSS 0.20318
Exploits 0 · References 7
exploitpack
added 2016/03/23 12:0 a.m. · 14 views

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array ind...

AI score 0.5
Exploits 0
0day.today
added 2016/03/23 12:0 a.m. · 56 views

Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object withou...

CVSS 9.3 · AI score 6.3 · EPSS 0.0406
Exploits 2
Exploit DB
added 2016/03/23 12:0 a.m. · 22 views

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object without checking the bounds then calls a virtual method...

AI score 7.4
Exploits 0
RedHat Linux
added 2015/09/10 4:54 p.m. · 1 views

tomcat: non-persistent DoS attack by feeding data by aborting an upload

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server from being made...

CVSS 7.8 · AI score 6.6 · EPSS 0.20318
Exploits 0 · References 7
RedHat Linux
added 2015/08/13 3:29 p.m. · 0 views

tomcat: non-persistent DoS attack by feeding data by aborting an upload

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server from being made...

CVSS 7.8 · AI score 6.6 · EPSS 0.20318
Exploits 0 · References 7
RedHat Linux
added 2015/07/27 9:8 a.m. · 1 views

chromium-browser: Use-after-free in IndexedDB.

Use-after-free vulnerability in content/browser/indexeddb/indexeddbbackingstore.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain wri...

CVSS 9.8 · AI score 7.5 · EPSS 0.016
Exploits 0 · References 5
OSV
added 2015/07/22 12:0 a.m. · 1 views

UBUNTU-CVE-2015-1276

Use-after-free vulnerability in content/browser/indexeddb/indexeddbbackingstore.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain wri...

CVSS 9.8 · AI score 7.4 · EPSS 0.016
Exploits 0 · References 4
Tenable Nessus
added 2015/01/30 12:0 a.m. · 102 views

CentOS 7 : kernel (CESA-2015:0102)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 7.8 · AI score 6.2 · EPSS 0.0523
Exploits 5 · References 8