Denial Of Service (DoS)

Moodle is vulnerable to denial of service DoS attacks. A malicious user can use the advanced-search feature on a database to cause a algorithmic complexity attack, leading to the service being unavailable...

Perl Email-Address Module Denial of Service Vulnerability

Perl is a cross-platform programming language and Email-Address is one of the email address modules. An algorithmic complexity vulnerability in the Address.pm file of Perl Email-Address allows remote attackers to submit special strings for denial of service attacks...

CVE-2015-7686

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service CPU consumption via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associat...

Oracle: Security Advisory (ELSA-2013-1441)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-7686

CVE-2015-7686 is a confirmed algorithmic complexity DoS in the perl-Email-Address package’s Address.pm (v1.908 and earlier). It allows remote denial of service via a crafted string of email addresses with nested comments; default config mitigates some cases but parsing can still misbehave. Public...

Amazon Linux: Security Advisory (ALAS-2014-290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-230)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP < 5.4.41, 5.5.x < 5.5.25, 5.6.x < 5.6.9 Multiple Vulnerabilities - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP < 5.4.41, 5.5.x < 5.5.25, 5.6.x < 5.6.9 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVE-2015-4024

The CVE-2015-4024 entry describes an algorithmic complexity DoS in PHP’s multipart HTTP POST handling (multipart_buffer_headers in main/rfc1867.c). Attackers can cause high CPU usage with specially crafted form data, affecting PHP versions prior to 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5....

CVE-2015-4024

Algorithmic complexity vulnerability in the multipartbufferheaders function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service CPU consumption via crafted form data that triggers an improper order-of-growth...

UBUNTU-CVE-2015-4024

Algorithmic complexity vulnerability in the multipartbufferheaders function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service CPU consumption via crafted form data that triggers an improper order-of-growth...

CVE-2014-7266

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service CPU consumption via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for...

Design/Logic Flaw

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service CPU consumption via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for...

Oracle Solaris Third-Party Patch Update : ruby (multiple_vulnerabilities_in_ruby1)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service...

Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of servic...

DEBIAN-CVE-2014-1474

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service CPU consumption via a string without an address...

Design/Logic Flaw

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service CPU consumption via a string without an address...

CVE-2014-1474

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service CPU consumption via a string without an address...

openSUSE Security Update : ruby (openSUSE-SU-2012:0228-1)

This update of ruby provides 1.8.7p357, which contains many stability fixes and bug fixes, which are fully compatible with the previous version. You can review the detailed list here : http://svn.ruby-lang.org/repos/ruby/tags/v187357/ChangeLog The particularly noteworthy fixes are : - Hash...