7005 matches found
Avahi: Denial of service
Background Avahi is a system that facilitates service discovery on a local network. Description Hugo Dias reported a failed assertion in the originatesfromlocallegacyunicastsocket function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact A remote attacker could...
RedHat Security Advisory RHSA-2009:0020
The remote host is missing updates announced in advisory RHSA-2009:0020. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSAdoverify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation...
D-Bus: Denial of service
Background D-Bus is a daemon providing a framework for applications to communicate with one another. Description schelte reported that the dbussignaturevalidate function can trigger a failed assertion when processing a message containing a malformed signature. Impact A local user could send a...
Layout engine crashes - Firefox 2 and 3
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
Exploit for multiple platform in category dos / poc ============================================================= Avahi http://jon.oberheide.org Usage: gcc cve-2008-5081.c -ldnet -o cve-2008-5081 ./cve-2008-5081 1.2.3.4 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081...
Avahi 0.6.24 - mDNS Daemon Remote Denial of Service
Avahi 0.6.24 - mDNS Daemon Remote Denial of Service / cve-2008-5081.c Avahi mDNS Daemon Remote DoS http://jon.oberheide.org Usage: gcc cve-2008-5081.c -ldnet -o cve-2008-5081 ./cve-2008-5081 1.2.3.4 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 Crafted mDNS packet with...
CVE-2008-5500
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...
CVE-2008-5081
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
DEBIAN-CVE-2008-5081
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
CVE-2008-5081
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
CVE-2008-5081
The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...
Layout engine crashes - Firefox 2 and 3
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...
Layout engine crash - Firefox 3 only
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure...
Layout engine crashes - Firefox 2 and 3
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...
Layout engine crash - Firefox 3 only
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure...
openSUSE 10 Security Update : seamonkey (seamonkey-5815)
This update brings the Mozilla SeaMonkey browser to version 1.1.13. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5812)
This update brings the Mozilla Firefox browser to version 2.0.0.18. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...
CVE-2008-5014
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying the window.proto.proto object in a way that...
Design/Logic Flaw
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
CVE-2008-5016
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...