rsyslog -- remote syslog PRI vulnerability
The rsyslog project reports: potential abort when a message with PRI 191 was processed if the "pri-text" property was used in active templates, this could be abused to a remote denial of service from permitted senders. The original fix for CVE-2014-3634 was not adequate...
CVE-2014-3970
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet...
subversion: Remote DoS due to improper handling of early-closing TCP connections
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection...
Mandriva Linux Security Advisory : subversion (MDVSA-2013:288)
Updated subversion package fixes security vulnerabilities: mod_dontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many case...
Medium: subversion
Issue Overview: The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request. The...
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion failure and Apache...
Updated subversion package fixes security vulnerabilities
mod_dontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many cases. As a result these clients are not blocked as configured b...
Fedora 20 : libvirt-1.1.3-2.fc20 (2013-18455)
Allow QoS change with update-device bz 1014200 - Fix nwfilter crash during firewalld install bz 1014762 - Fix crash with nographics bz 1014088 Update to 1.1.3 release - Sync with v1.1.2-maint - Rebuild for libswan soname bump bz 1009701 - CVE-2013-4311: Insecure polkit usage bz 1009539, bz...
Fedora 19 : spice-0.12.4-1.fc19 (2013-14110)
New upstream bug-fix release 0.12.4 - Fixes a client triggerable abort CVE-2013-4130 - Add patches from upstream git to fix sound-channel-free crash rhbz986407 - Stop building spicec, it's obsolete and superseded by remote-viewer part of virt-viewer Note that Tenable Network Security has...
CVE-2013-0978
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code...
Apple iOS < 6.1.3 Multiple Vulnerabilities
SCADA DNP3 abort file function code
...
Mandriva Update for hostapd MDVSA-2012:168 (hostapd)
The remote host is missing an update for the ...
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)
The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protection...
Unbound -- an empty error packet handling assertion failure
Unbound developer reports: NLnet Labs was notified of an error in Unbound's code-path for error replies which is triggered under special conditions. The error causes the program to abort...
dhcp security update
12:4.1.1-12.P1.2 - CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message 672994...
NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Privilege Escalation
Source: https://www.securityfocus.com/bid/36430/info NetBSD is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to cause the kernel stack to become desynchronized. This may allow the attacker to gain elevated privileges or may aid in further attacks. ...