DNS BIND server vulnerability, allowing attackers to cause service failures

The vulnerability of the DNS BIND server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures—such as the appearance of an error message “Assertion failure” or the termination of the daemon—by using a specially creat...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)

This update for java-170-openjdk fixes the following issues : java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...

The vulnerability of the Squid proxy server allows a hacker to cause a service failure.

The vulnerability of the http.cc component in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an “Assertion failure” message and the termination of the...

The vulnerability of the Squid proxy server allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server exists due to the incorrect addition of information into String objects. Exploiting this vulnerability allows a remote attacker to cause a service failure—the appearance of an “Assertion failure” window, or the termination of the daemon. This occurs wit...

The vulnerability of the Squid proxy server allows a hacker to cause a service failure.

The vulnerability of the Edge Side Includes parser of the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an error message “Assertion failure” or the termination of...

FreeBSD : bind -- denial of service vulnerability (cba246d2-f483-11e5-92ce-002590263bf5)

ISC reports : A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...

Updated iceape packages fix security vulnerability

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs. CVE-2015-7214 The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive...

DSA-3522-1 squid3 - security update

Bulletin has no description...

SUSE-SU-2016:0825-1 Security update for bind

This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...

The vulnerability of the Squid proxy server allows a hacker to cause a service failure.

The vulnerability of the http.cc function in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to cause a service failure—such as the appearance of an “Assertion failure” message and the termination of the...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability in the WebKit/Source/core/layout/LayoutBlock.cpp function of the Google Chrome browser’s Blink kernel exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause a service failure the appearance of a “Assertion failure” window ...

ISC BIND 9 Multiple DoS

According to its self-reported version number, the instance of ISC BIND running on the remote name server is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in files resolver.c and db.c when handling DNAME resource signatures. An unauthenticated...

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

SUSE-SU-2016:0780-1 Security update for bind

This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...

SUSE-SU-2016:0759-1 Security update for bind

This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...

Mageia: Security Advisory (MGASA-2016-0107)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2016-665)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0107 Updated bind packages fix security vulnerability

In ISC BIND before 9.10.3-P4, an error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c CVE-2016-1285. In ISC BIND before 9.10.3-P4, a problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in...

Important: bind

Issue Overview: A defect in control channel input handling was discovered which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel. If control channel input is accepted from the network limited to localhost by...

ISC BIND rndc Control Instance Denial of Service Vulnerability

ISC BIND is a set of open source software that implements the DNS protocol. A design flaw in the BIND rndc control instance's handling of request input can lead to an assertion failure in sexpr.c or alist.c, which can ultimately lead to the exit of the named process when a malformed packet is sen...