7011 matches found

CNVD
added 2016/03/10 12:00 a.m. | Views: 1

ISC DHCP Denial of Service Vulnerability (CNVD-2016-01603)

ISC DHCP is a set of open source Dynamic Host Configuration Protocol server software from the Internet Systems Consortium (ISC) in the United States. A security vulnerability exists in ISC DHCP that stems from the program's failure to limit the number of concurrent TCP sessions. A remote attacker could...

CVSS: 7.1 | AI score: 6.4 | EPSS: 0.73703
Exploits: 0 | References: 1

CNVD
added 2016/03/10 12:00 a.m. | Views: 4

ISC BIND Query Packet Cookie Option Denial of Service Vulnerability

ISC BIND is a set of open source software that implements the DNS protocol. BIND 9.10 provides native support for DNS cookies or user identification, a mechanism designed to protect the security of the query requestor and domain name servers when they interact. An attacker can maliciously constru...

CVSS: 6.8 | AI score: 7.6 | EPSS: 0.45988
Exploits: 0 | References: 1

OSV
added 2016/03/09 11:59 p.m. | Views: 1

DEBIAN-CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c...

CVSS: 8.6 | AI score: 6.9 | EPSS: 0.74077
Exploits: 0 | References: 1

Vulnrichment
added 2016/03/09 11:00 p.m. | Views: 21

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface...

AI score: 6.9 | EPSS: 0.69056
Exploits: 0 | References: 29

Debian CVE
added 2016/03/09 11:00 p.m. | Views: 39

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface...

CVSS: 6.8 | AI score: 6.9 | EPSS: 0.69056
Exploits: 0

CVE
added 2016/03/09 11:00 p.m. | Views: 548

CVE-2016-1286

CVE-2016-1286 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). A remote attacker can trigger a denial of service by sending a crafted DNS signature for a DNAME record, leading to an assertion failure in resolver.c or db.c and a named process crash. The issue is documented with ...

CVSS: 8.6 | AI score: 8.2 | EPSS: 0.74077
Exploits: 0 | References: 29 | Affected Software: 1

CVE
added 2016/03/09 11:00 p.m. | Views: 451

CVE-2016-1285

CVE-2016-1285 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). The issue arises from improper handling of control-channel input to rndc, causing assertion failure and named daemon exit via a malformed packet. Connected advisories describe related impact for DNAME records (CVE-2...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.69056
Exploits: 0 | References: 29 | Affected Software: 1

UbuntuCve
added 2016/03/09 8:00 p.m. | Views: 35

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface...

CVSS: 6.8 | AI score: 6.9 | EPSS: 0.69056
Exploits: 0 | References: 3

Debian CVE
added 2016/03/09 3:26 p.m. | Views: 37

CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions...

CVSS: 7.1 | AI score: 6.2 | EPSS: 0.73703
Exploits: 0

ArchLinux
added 2016/03/09 12:00 a.m. | Views: 82

bind: denial of service

CVE-2016-1285: Testing by ISC has uncovered a defect in control channel input handling which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel the interface which allows named to be controlled using the 'rndc"...

CVSS: 5 | AI score: 0.5 | EPSS: 0.74077
Exploits: 0 | References: 4

FreeBSD
added 2016/03/09 12:00 a.m. | Views: 38

bind -- denial of service vulnerability

ISC reports: An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c...

CVSS: 6.8 | AI score: 8 | EPSS: 0.69056
Exploits: 0 | References: 1

FreeBSD
added 2016/03/09 12:00 a.m. | Views: 28

bind -- denial of service vulnerability

ISC reports: A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure...

CVSS: 6.8 | AI score: 2.9 | EPSS: 0.45988
Exploits: 0 | References: 1

FreeBSD
added 2016/03/09 12:00 a.m. | Views: 46

bind -- denial of service vulnerability

ISC reports: A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c...

CVSS: 8.6 | AI score: 8.7 | EPSS: 0.74077
Exploits: 0 | References: 1

CVE
added 2016/03/06 2:00 a.m. | Views: 66

CVE-2016-2844

CVE-2016-2844 affects Blink/WebKit as used in Google Chrome prior to 49.0.2623.75. The issue is an improper determination of when anonymous block wrappers may exist in LayoutBlock.cpp, which can allow remote attackers to trigger a denial of service via an incorrect cast and assertion failure, wit...

CVSS: 9.3 | AI score: 9.2 | EPSS: 0.02121
Exploits: 0 | References: 7 | Affected Software: 1

Tenable Nessus
added 2016/03/02 12:00 a.m. | Views: 50

Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS

According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore, potentially affected by multiple denial of service vulnerabilities:
- A flaw exists due to not properly appending data to String objects. A remote attacker can...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.31411
Exploits: 0 | References: 6

RedHat Linux
added 2016/03/01 2:44 p.m. | Views: 4

openssl: assertion failure in SSLv2 servers

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled...

CVSS: 5 | AI score: 6.7 | EPSS: 0.21389
Exploits: 0 | References: 6

OSV
added 2016/02/27 5:59 a.m. | Views: 8

CVE-2016-2572

http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response...

CVSS: 7.5 | AI score: 7.9
Exploits: 0 | References: 9

CVE
added 2016/02/27 2:00 a.m. | Views: 107

CVE-2016-2569

CVE-2016-2569 affects Squid (3.x before 3.5.15 and 4.x before 4.0.7). The issue is an incorrect boundary check when appending data to a String object for HTTP headers (notably the Vary header) in responses, which can cause an assertion failure and crash the daemon via a crafted header. Multiple c...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.31411
Exploits: 0 | References: 11 | Affected Software: 1

Debian CVE
added 2016/02/27 2:00 a.m. | Views: 28

CVE-2016-2571

http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.09363
Exploits: 0

UbuntuCve
added 2016/02/27 12:00 a.m. | Views: 26

CVE-2016-2570

The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.09025
Exploits: 0 | References: 3