Oracle Linux 6 : openldap (ELSA-2012-0899)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0899 advisory. - security fix: CVE-2012-1164: assertion failure by processing search queries requesting only attributes for particular entry 813162 Tenable has extracted the...

Oracle Linux 5 : ImageMagick (ELSA-2012-0301)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0301 advisory. - Add fix for CVE-2010-4167 767142 Fix assertion failed when using 'identify -verbose' when theres no image information available 502626 Fix memory allocation...

CVE-2013-3919

resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for a record in a malformed zone...

CVE-2013-3919

CVE-2013-3919 affects ISC BIND where resolver.c, used by recursive resolvers, can trigger an assertion failure and named daemon exit when handling a query for a record in a malformed zone. Affected versions include BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R...

ISC BIND 9 Assertion Error Resource Record RDATA Query Parsing Remote DoS

Binary data 6808.prm...

Mandriva Linux Security Advisory : tor (MDVSA-2013:132)

Updated tor package fixes security vulnerabilities : Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the se...

CVE-2013-1747

CVE-2013-1747 affects ngIRCd 20 and 20.1; a vulnerability in channel.c allows a remote attacker to trigger an assertion failure and crash by sending a KICK for a user not on the channel (denial of service). Exploitation status is not detailed in the provided documents. Remediation: upgrade to ngI...

CVE-2012-4460

The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not...

Out-of-bounds

The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not...

CVE-2012-4460

The CVE-2012-4460 issue affects Apache Qpid (0.20 and earlier) in the qpid::framing::Buffer class’ serializing/deserializing functions. Affects the Buffer component, enabling remote denial of service (assertion failure and daemon exit) via unspecified vectors, with a note that it could trigger an...

Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header

httpGetHdr | l == strlenhdr + 1 Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.0.3, 2.1.5 Summary: It's possible to crash Varnish via assertion if the single header within the Vary header is longer then 127 bytes. The 'l' cachehttp.c2...

CVE-2012-5689

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for an AAAA record...

DEBIAN-CVE-2012-5689

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for an AAAA record...

AIX 6.1 TL 6 : bind9 (IV11743)

An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND...

AIX 7.1 TL 0 : bind9 (IV11744)

An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND...

AIX 5.3 TL 12 : bind9 (IV09491)

An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND...

CVE-2013-0154

CVE-2013-0154 affects Xen 4.2 (and related builds) where, in the get_page_type function of xen/arch/x86/mm.c, if debugging is enabled, local PV/HVM guest admins can trigger an assertion failure and hypervisor crash via certain hypercall-related vectors. The issue is a denial of service causing hy...

Debian DSA-2582-1 : xen - several vulnerabilities

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25and 28 are not fixed by this update and should be fixed in...

Important: bind

Issue Overview: A flaw was found in the DNS64 implementation in BIND. If a remote attacker sent a specially-crafted query to a named server, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. CVE-2012-5688 Affected Packages: bind Issue...

bind: DoS on servers using DNS64

ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...