Lucene search
K

7041 matches found

Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.30 views

AIX 7.2 TL 0 : bind (IV84459) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.69 views

AIX 7.1 TL 4 : bind (IV84458) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/20 12:0 a.m.64 views

AIX 6.1 TL 9 : bind (IV84984) (deprecated)

https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...

7.9AI score0.621EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/06/17 12:0 a.m.59 views

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1568-1)

ntp was updated to version 4.2.8p8 to fix 17 security issues. These security issues were fixed : - CVE-2016-4956: Broadcast interleave bsc982068. - CVE-2016-2518: Crafted addpeer with hmode 7 causes array wraparound with MATCHASSOC bsc977457. - CVE-2016-2519: ctlgetitem return value not always...

9.8CVSS6.8AI score0.44936EPSS
Exploits9References54
Check Point Advisories
Check Point Advisories
added 2016/06/13 12:0 a.m.10 views

Squid Long String Header Processing Assertion Failure (CVE-2016-2569)

A denial-of-service vulnerability has been reported in Squid. The vulnerability is due to the way Squid uses a String object of a certain maximum length to store incoming headers, such as the Vary header, in HTTP responses. Long strings in headers can cause an assertion failure...

5CVSS0.5AI score0.31411EPSS
Exploits0
OSV
OSV
added 2016/06/10 9:34 a.m.7 views

SUSE-SU-2016:1541-1 Security update for bind

This update for bind fixes two assertion failures that could lead to a remote denial of service attack: - CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 - CVE-2016-1286: An error when parsing signature records for...

8.6CVSS7.5AI score0.621EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/06/06 12:0 a.m.66 views

Amazon Linux AMI : ntp (ALAS-2016-708)

It was found that an ntpd client could be forced to change from basic client/server mode to the interleaved symmetric mode. A remote attacker could use a spoofed packet that, when processed by an ntpd client, would cause that client to reject all future legitimate server responses, effectively...

7.2CVSS6.5AI score0.15201EPSS
Exploits4References5
Amazon
Amazon
added 2016/06/02 12:0 a.m.60 views

Medium: ntp

Issue Overview: It was found that an ntpd client could be forced to change from basic client/server mode to the interleaved symmetric mode. A remote attacker could use a spoofed packet that, when processed by an ntpd client, would cause that client to reject all future legitimate server responses...

7.2CVSS7AI score0.15201EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2016/06/01 12:0 a.m.33 views

openSUSE Security Update : ntp (openSUSE-2016-649)

This update for ntp fixes the following issues : - Update to 4.2.8p7 boo977446 : - CVE-2016-1547, boo977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, boo977461: Interleave-pivot - CVE-2016-1549, boo977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550,...

9.8CVSS6.9AI score0.81762EPSS
Exploits20References76
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.5 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

9.1CVSS7.6AI score0.07673EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.6 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.06587EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/05/26 12:0 a.m.41 views

F5 Networks BIG-IP : NTP vulnerability (K17515)

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may be able to disrupt ntpd...

6.5CVSS6.3AI score0.31068EPSS
Exploits4References2
NVD
NVD
added 2016/05/23 7:59 p.m.12 views

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.5CVSS6.7AI score0.04642EPSS
Exploits0References9
OSV
OSV
added 2016/05/23 7:59 p.m.2 views

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.5CVSS5.8AI score0.04642EPSS
Exploits0References9
Prion
Prion
added 2016/05/23 7:59 p.m.21 views

Design/Logic Flaw

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

5CVSS6.9AI score0.04642EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2016/05/23 7:0 p.m.23 views

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.4AI score0.04642EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2016/05/23 12:0 a.m.26 views

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.5CVSS6.9AI score0.04642EPSS
Exploits0References4
OSV
OSV
added 2016/05/23 12:0 a.m.4 views

UBUNTU-CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

7.5CVSS6.9AI score0.04642EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2016/05/17 12:0 a.m.3 views

ISC BIND DNS Cookie Assertion Failure Denial of Service (CVE-2016-2088)

A denial-of-service vulnerability exists in ISC BIND9. The vulnerability is due to improperly processing DNS cookies. A remote attacker could exploit this vulnerabilities by sending a maliciously crafted DNS packet to a target BIND server...

4.3CVSS3.4AI score0.2262EPSS
Exploits0
OSV
OSV
added 2016/05/14 9:59 p.m.1 views

CVE-2016-1660

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::doubleconversion::Vector classes, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted web site...

8.8CVSS7.4AI score
Exploits0References13
Rows per page
Query Builder