7011 matches found
CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
CVE-2016-7795
CVE-2016-7795 affects systemd 231 and earlier, where manager_invoke_notify_message processes a zero-length notify socket message, enabling local users to trigger denial of service (assertion failure and PID 1 hang). Connected advisories (e.g., MiracleLinux AXSA-2016-832:08 and EulerOS security ad...
Debian DLA-645-1 : bind9 security update
CVE-2016-2775 lwresd crash with long query name Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232. CVE-2016-2776 assertion failure due to unspecified crafted query Fix based on 43139-9-9.patch from ISC. For Debian 7 'Wheezy', these problems have been fixed in version...
VulnCheck KEV: CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
Bind 9 DNS Server - Denial of Service Exploit
Exploit for multiple platform in category dos / poc import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16Q...
ISC BIND 9 - Denial of Service
import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16QA + "\x00\x01" sweetspot = udpsize -...
Scientific Linux Security Update : bind on SL5.x, SL6.x, SL7.x i386/x86_64 (20160928)
Security Fixes : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2016-2776 %NASLMINLEVE...
bind: assertion failure in buffer.c while building responses to a specifically constructed request
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
bind: assertion failure in buffer.c while building responses to a specifically constructed request
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
ALPINE-CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
ISC BIND 9 suffers from buffer.c Assertion Error Denial of Service Vulnerability
ISC BIND 9 is a set of DNS domain name resolution service software maintained by the Internet Systems Consortium ISC organization. ISC BIND 9 suffers from a buffer.c assertion error denial of service vulnerability. A remote attacker can exploit the vulnerability to cause the program to fail an...
Important: bind
Issue Overview: A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. Affected Packages: bind Issue...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P3-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service vulnerability. Testi...
UBUNTU-CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
Design/Logic Flaw
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...