McAfee Firewall Enterprise DoS (SB10126)

The remote host has a version of McAfee Firewall Enterprise installed that is affected by a denial of service vulnerability due to an assertion flaw that occurs when handling TKEY queries. A remote attacker can exploit this, via a specially crafted request, to cause a REQUIRE assertion failure an...

NeuroServer 0.7.4 - EEG TCPIP Transceiver Remote Denial of Service

NeuroServer 0.7.4 - EEG TCPIP Transceiver Remote Denial of Service !/usr/bin/env python NeuroServer 0.7.4 Remote DoS Shown at DEF CON 23 BioHacking Village Brain Waves Surfing - InSecurity in EEG Electroencephalography Technologies Slides: http://goo.gl/44r1HH NeuroServer is an EEG...

NeuroServer 0.7.4 Denial Of Service

NeuroServer version 0.7.4 suffers from a remote denial of service vulnerability. !/usr/bin/env python NeuroServer 0.7.4 Remote DoS Shown at DEF CON 23 BioHacking Village Brain Waves Surfing - InSecurity in EEG Electroencephalography Technologies Slides: http://goo.gl/44r1HH NeuroServer is an EEG...

[SECURITY] [DLA 290-2] opensaml2 security update

Package : opensaml2 Version : 2.3-2+squeeze2 CVE ID : CVE-2015-0851 It was discovered that opensaml2, a Security Assertion Markup Language library, needed to be rebuilt against a fixed version of the xmltooling package due to its use of macros vulnerable to CVE-2015-0851 as fixed in the DSA 3321-...

[SECURITY] Fedora 22 Update: opensaml-java-2.5.3-9.fc22

OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...

[SECURITY] Fedora 21 Update: opensaml-java-2.5.3-9.fc21

OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...

Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

BIND TKEY Query Denial of Service

This module sends a malformed TKEY query, which exploits an error in handling TKEY queries on affected BIND9 'named' DNS servers. As a result, a vulnerable named server will exit with a REQUIRE assertion failure. This condition can be exploited in versions of BIND between BIND 9.1.0 through 9.8.x...

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

bind: denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet leading to denia...

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

Amazon Linux AMI : bind (ALAS-2015-566)

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. C Tenable Network Security, In...

Important: bind

Issue Overview: A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. Affected...

Scientific Linux Security Update : bind on SL7.x x86_64 (20150720)

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. CVE-2015-4620 After installing...

Apache Qpid Session.gap Denial of Service - Ver2 (CVE-2015-0203)

A denial of service vulnerability exists in Apache Qpid. The vulnerability is due to an assertion failure prior to session establishment when processing the session.gap control segment. A remote, authenticated attacker could exploit this vulnerability by sending an out of sequence session.gap...

mariadb-clients: denial of service

A heap-based buffer overflow was found in the way PCRE handled certain malformed regular expressions. This issue could cause a crash while parsing malicious regular expressions related to an assertion that allows zero repeats...

Updated subversion packages fix security vulnerabilities

Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely triggerable assertion D...

Mandriva Linux Security Advisory : tor (MDVSA-2015:205)

Updated tor packages fix security vulnerabilities : disgleirio discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible CVE-2015-2928. DonnchaC discovered that Tor clients would crash with an...