629 matches found
lldpd: denial of service
CVE-2015-5714 denial of service A buffer overflow has been discovered when handling management address TLV. When a remote device was advertising a too large management address while still respecting TLV boundaries, lldpd would crash due to a buffer overflow. - CVE-2015-5715 denial of service A...
lldpd -- Buffer overflow/Denial of service
The lldpd developer Vincent Bernat reports: A buffer overflow may allow arbitrary code execution only if hardening was disabled. Malformed packets should not make lldpd crash. Ensure we can handle them by not using assert in this part...
Updated openldap package fixes security vulnerability
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call in the ber_get_next method in a/libraries/liblber/io.c that is hit when decoding tampered BER data CVE-2015-6908...
openldap: denial of service
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call within the ber_get_next method io.c line 682 that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: echo...
OpenLDAP 2.4.42 - ber_get_next Denial of Service
Exploit Title: OpenLDAP 2.4.42 ber_get_next DOS Date: 11/09/15 Exploit Author: Denis Andzakovic - Security-Assessment.com Vendor Homepage: http://www.openldap.org/ Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz Version: ...
BIND9 TKEY assert Dos
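We diffed versions 9.9.7-P1 and 9.9.7-P2 and found that the main patch point is in the dns_tkey_processquery function at line 653 of lib/dns/tkey.c: this function calls dns_message_findname twice to look for the TKEY record in DNS_SECTION_ADDITIONAL and DNS_SECTION_ANSWER respectively. The code shows that the name variable is initialized to NULL before the first call, but is not initialized before the second call. The prototype of dns_message_findname is in lib/dns/message.c...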
SUSE SLED12 / SLES12 Security Update : libyaml (SUSE-SU-2015:0013-1)
This libyaml update fixes the following security issue : - bnc907809: assert failure when processing wrapped strings CVE-2014-9130 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clea...
GLSA-201503-11 : OpenSSL: Multiple vulnerabilities (FREAK)
The remote host is affected by the vulnerability described in GLSA-201503-11 OpenSSL: Multiple vulnerabilities Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers and the upstream advisory referenced below for details: RSA silently downgrades to EXPORT_RSA Client...
OpenSSL multiple security vulnerabilities
NULL pointer dereferences, reachable asserts, memory corruptions...
SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10470)
OpenSSL has been updated to fix various security issues : - A segmentation fault in ASN1_TYPE_cmp was fixed that could be exploited by attackers when e.g. client authentication is used. This could be exploited over SSL connections. CVE-2015-0286 - An ASN.1 structure reuse memory corruption was fixed...
RHEL 6 / 7 : libyaml (RHSA-2015:0100)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0100 advisory. YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter...
Apache qpid DoS
Multiple asserts...
USN-2461-1 libyaml vulnerability
Stanisław Pitucha and Jonathan Gray discovered that LibYAML did not properly handle wrapped strings. An attacker could create specially crafted YAML data to trigger an assert, causing a denial of service...
openSUSE Security Update : libyaml (openSUSE-SU-2014:1625-1)
This libyaml update fixes the following security issue : - bnc907809: assert failure when processing wrapped strings CVE-2014-9130 The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : openvpn (openSUSE-SU-2014:1594-1)
openvpn was updated to fix a denial-of-service vulnerability where an authenticated client could stop the server by triggering a server-side ASSERT (bnc907764, CVE-2014-8104). The descriptive text and package checks in this plugin were extracted...
Stable Channel Update
The Chrome team is delighted to announce the promotion of Chrome 38 to the stable channel for Windows, Mac and Linux. Chrome 38.0.2125.101 contains a number of fixes and improvements, including: - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance A...
Seafile-server <= 3.1.5 - Remote DoS
No description provided by source. Exploit Title: ccnet-server remote DoS assert seafile-server = 3.1.5 Date: Sep 4, 2014 Exploit Author: retset Vendor Homepage: seafile.com Software Link: https://bitbucket.org/haiwen/seafile/downloads/seafile-server3.1.4win32.tar.gz Version: seafile-server 3.1.4...
Seafile-server 3.1.5 - Remote Denial of Service
Exploit Title: ccnet-server remote DoS assert seafile-server = 3.1.5 Date: Sep 4, 2014 Exploit Author: retset Vendor Homepage: seafile.com Software Link: https://bitbucket.org/haiwen/seafile/downloads/seafile-server3.1.4win32.tar.gz Version: seafile-server 3.1.4 Tested on: Windows 7/seafile-serve...
seafile-server 3.1.5 Denial Of Service
Exploit Title: ccnet-server remote DoS assert in seafile-server 3.1.5 Date: Sep 4, 2014 Exploit Author: retset Vendor Homepage: seafile.com Software Link: https://bitbucket.org/haiwen/seafile/downloads/seafile-server3.1.4win32.tar.gz Version: seafile-server 3.1.4 Tested on: Windows 7/seafile-serv...
Joomla JomSocial 2.6 Code Execution Exploit
Joomla JomSocial component version 2.6 remote PHP code execution exploit. !/usr/bin/python Joomla! JomSocial component = 2.6 PHP code execution exploit Authors: - Matias Fontanini - Gaston Traberg This exploit allows the execution of PHP code without any prior authentication on the Joomla!...