Lucene search
K

7041 matches found

FreeBSD
FreeBSD
added 2016/03/09 12:0 a.m.46 views

bind -- denial of service vulnerability

ISC reports: A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c...

8.6CVSS8.7AI score0.621EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/03/09 12:0 a.m.38 views

bind -- denial of service vulnerability

ISC reports: An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c...

6.8CVSS8AI score0.59143EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2016/03/09 12:0 a.m.83 views

bind: denial of service

CVE-2016-1285: Testing by ISC has uncovered a defect in control channel input handling which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel the interface which allows named to be controlled using the 'rndc"...

5CVSS0.5AI score0.621EPSS
Exploits0References4
CVE
CVE
added 2016/03/06 2:0 a.m.67 views

CVE-2016-2844

CVE-2016-2844 affects Blink/WebKit as used in Google Chrome prior to 49.0.2623.75. The issue is an improper determination of when anonymous block wrappers may exist in LayoutBlock.cpp, which can allow remote attackers to trigger a denial of service via an incorrect cast and assertion failure, wit...

9.3CVSS9.2AI score0.02121EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/03/02 12:0 a.m.50 views

Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS

According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore, potentially affected by multiple denial of service vulnerabilities : - A flaw exists due to not properly appending data to String objects. A remote attacker can...

7.5CVSS7.8AI score0.31411EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/03/01 2:44 p.m.4 views

openssl: assertion failure in SSLv2 servers

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled...

5CVSS6.7AI score0.21247EPSS
Exploits0References6
OSV
OSV
added 2016/02/27 5:59 a.m.10 views

CVE-2016-2572

http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a malformed response...

7.5CVSS7.9AI score
Exploits0References9
CVE
CVE
added 2016/02/27 2:0 a.m.113 views

CVE-2016-2569

CVE-2016-2569 affects Squid (3.x before 3.5.15 and 4.x before 4.0.7). The issue is an incorrect boundary check when appending data to a String object for HTTP headers (notably the Vary header) in responses, which can cause an assertion failure and crash the daemon via a crafted header. Multiple c...

7.5CVSS7.1AI score0.31411EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2016/02/27 2:0 a.m.28 views

CVE-2016-2571

http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a malformed response...

7.5CVSS7.5AI score0.09363EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/02/27 12:0 a.m.27 views

CVE-2016-2570

The Edge Side Includes ESI parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a crafted XML document, related to esi/CustomParser.cc and...

7.5CVSS7.2AI score0.09025EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2016/02/25 12:0 a.m.5 views

ISC BIND apl_42.c INSIST Assertion Failure Denial of Service (CVE-2015-8704)

A denial-of-service vulnerability has been reported in BIND DNS package bind9. The vulnerability is due to an error in string format operations that causes the BIND daemon to exit with an INSIST assertion failure when processing certain records. A remote attacker could exploit this vulnerability...

6.8CVSS3.6AI score0.20172EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.6 views

DNS BIND server vulnerability, allowing attackers to cause service failures

The vulnerability of the DNS BIND server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an error message “Assertion failure” or the termination of the daemon—by using a specially...

6.8CVSS6.7AI score0.20172EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.4 views

DNS BIND server vulnerability, which allows attackers to cause service failures or exert other effects

The vulnerability of the DNS BIND server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures or other adverse effects, such as the appearance of an error message indicating “Assertion failure” or the termination ...

6.6CVSS6.8AI score0.07654EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/12 12:0 a.m.26 views

ISC BIND 9.9.8-Sx < 9.9.8-S5 REQUIRE Assertion DoS

According to its self-reported version number, the version of BIND 9 Supported Preview Edition running on the remote host is version 9.9.8-Sx prior to 9.9.8-S5. It is, therefore, affected by a denial of service vulnerability due to a flaw in file rdataset.c related to handling flag values in...

5.9CVSS6AI score0.03311EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/01/29 12:0 a.m.22 views

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20160128)

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/01/29 12:0 a.m.45 views

RHEL 7 : qemu-kvm (RHSA-2016:0083)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0083 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the...

8.1CVSS8.2AI score0.06085EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/01/29 12:0 a.m.35 views

RedHat Update for qemu-kvm RHSA-2016:0083-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.6AI score0.06085EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/01/29 12:0 a.m.47 views

RHEL 6 : bind (RHSA-2016:0078)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0078 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...

7.8CVSS7AI score0.91284EPSS
Exploits12References14
RedHat Linux
RedHat Linux
added 2016/01/28 4:13 p.m.48 views

Important: Red Hat Security Advisory: qemu-kvm security and bug fix update

Updated qemu-kvm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS7.6AI score0.06085EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/01/28 1:45 p.m.3 views

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References6
Rows per page
Query Builder