DEBIAN-CVE-2010-0628

The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...

CVE-2010-0628

The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...

Debian DSA-1830-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted...

CVE-2010-0283

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...

Cross site request forgery (csrf)

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...

ISC BIND DNSSEC Validation Multiple RRsets Denial of Service (CVE-2007-0494)

The Domain Name System DNS is a system of mapping host names to IP addresses. Domain names consist of alphabetic characters such that they areeasier for human to remember. BIND Berkeley Internet Name Domain is an implementation of the DNS protocol and provides an openly redistributable reference...

CVE-2010-0283

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...

CVE-2010-0283

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...

CVE-2010-0283

CVE-2010-0283 affects MIT Kerberos 5 (krb5) in versions: 1.7 prior to 1.7.2 and 1.8 alpha. A remote attacker can trigger an assertion failure by sending invalid AS-REQ or TGS-REQ requests, causing a denial of service (daemon crash). Public sources in the OpenVAS/Gentoo/Ubuntu disclosures corrobor...

MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2010-001 MIT krb5 Security Advisory 2010-001 Original release: 2010-02-16 Last update: 2010-02-16 Topic: krb5-1.7 KDC denial of service CVE-2010-0283 krb5-1.7 KDC denial of service CVSSv2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:O/RC:C...

krb5 -- multiple denial of service vulnerabilities

Two vulnerabilities in krb5 can be used by remote attackers in denial of service attacks. The MIT security advisories report this as follows: An unauthenticated remote attacker can send an invalid request to a KDC process that will cause it to crash due to an assertion failure, creating a denial ...

Mandriva Linux Security Advisory : squid (MDVSA-2010:033)

A vulnerability have been discovered and corrected in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15, which allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header CVE-2010-0308. This update provides a fix to this...

CVE-2010-0308

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...

DEBIAN-CVE-2010-0308

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...

CVE-2010-0308

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...

SuSE9 Security Update : OpenLDAP 2 (YOU Patch Number 12222)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

CVE-2009-3242

Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service application crash via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure...

CVE-2008-7011

The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service server exit via multiple file downloads from the server, which triggers an assertion...

RedHat Security Advisory RHSA-2009:1181

The remote host is missing updates announced in advisory RHSA-2009:1181. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named, a resolver library routines for applications to use when interfacing with DNS, and tools...

RedHat Security Advisory RHSA-2009:1181

The remote host is missing updates announced in advisory RHSA-2009:1181. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools...