Lucene search
K

7041 matches found

RedHat Linux
RedHat Linux
added 2016/01/28 1:45 p.m.6 views

bind: responses with a malformed class attribute can trigger an assertion failure in db.c

A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...

5CVSS6.8AI score0.5469EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/01/28 12:0 a.m.30 views

F5 Networks BIG-IP : BIND vulnerability (SOL14601)

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for an AAAA record. C Tenable...

7.1CVSS7.2AI score0.12036EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2016/01/26 12:0 a.m.79 views

ISC BIND 9.3.0 < 9.9.8-P3 / 9.9.x-Sx < 9.9.8-S4 / 9.10.x < 9.10.3-P3 Multiple DoS

According to its self-reported version number, the installation of ISC BIND running on the remote name server is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists due to improper handling of certain string formatting options. An authenticated,...

7CVSS6.8AI score0.20172EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2016/01/19 8:0 p.m.34 views

CVE-2015-8704

apl42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service INSIST assertion failure and daemon exit via a malformed Address Prefix List APL record...

6.8CVSS6.8AI score0.20172EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2016/01/09 12:0 a.m.52 views

wireshark-gtk: denial of service

CVE-2015-8742 denial of service The dissectCPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service memory consumption or application crash via a...

4.3CVSS3.7AI score0.07142EPSS
Exploits14References25
NVD
NVD
added 2016/01/04 5:59 a.m.20 views

CVE-2015-8739

The ipmifmtudpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted packet...

5.5CVSS5.5AI score0.04407EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2016/01/04 5:59 a.m.33 views

CVE-2015-8739

The ipmifmtudpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted packet...

5.5CVSS6.5AI score0.04407EPSS
Exploits1References4
CNVD
CNVD
added 2015/12/31 12:0 a.m.6 views

lldp 'assert()' function denial of service vulnerability

lldp Link Layer Discovery Protocol is a link layer discovery protocol that allows network devices to advertise their device identity and performance on the local subnet. A denial of service vulnerability exists in lldp. An attacker could exploit this vulnerability to crash the daemon and deny...

7.5CVSS6.5AI score0.03EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/12/29 12:0 a.m.5 views

The vulnerability of the Firefox browser, which allows a violator to trigger a service failure

The vulnerability in the implementation of the HTTP/2 protocol in Firefox browsers arises from the loss of precision in calculations. Exploiting this vulnerability allows a malicious actor to cause a service failure—the appearance of an error message indicating “Assertion failure” or an emergency...

5CVSS7.2AI score0.02888EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/12/18 12:0 a.m.4 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08319)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the HTTP/2 implementation of Mozilla Firefox prior to version 43.0. A remote attacker can exploit this vulnerability to cause a denial of service integer...

5CVSS8.7AI score0.02888EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/12/17 12:0 a.m.34 views

Debian DLA-370-1 : bind9 security update

It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently...

5CVSS6.9AI score0.5469EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/12/16 5:44 p.m.1 views

bind: responses with a malformed class attribute can trigger an assertion failure in db.c

A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...

5CVSS6.8AI score0.5469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/12/16 5:19 p.m.4 views

bind: responses with a malformed class attribute can trigger an assertion failure in db.c

A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...

5CVSS6.8AI score0.5469EPSS
Exploits0References5
NVD
NVD
added 2015/12/16 11:59 a.m.24 views

CVE-2015-7218

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...

5CVSS5.5AI score0.02888EPSS
Exploits0References11
Prion
Prion
added 2015/12/16 11:59 a.m.22 views

Integer overflow

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...

5CVSS6.9AI score0.02888EPSS
Exploits0References11Affected Software4
Cvelist
Cvelist
added 2015/12/16 11:0 a.m.27 views

CVE-2015-7219

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation...

7AI score0.02888EPSS
Exploits0References11
Cvelist
Cvelist
added 2015/12/16 11:0 a.m.27 views

CVE-2015-7218

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...

7AI score0.02888EPSS
Exploits0References11
CVE
CVE
added 2015/12/16 11:0 a.m.85 views

CVE-2015-7219

CVE-2015-7219 affects Mozilla Firefox before 43.0 via the HTTP/2 implementation. A malformed PushPromise frame can trigger decompressed-buffer length miscalculation and incorrect memory allocation, leading to a denial of service (integer underflow, assertion failure, and application exit). The is...

5CVSS6.8AI score0.02888EPSS
Exploits0References11Affected Software2
CVE
CVE
added 2015/12/16 11:0 a.m.120 views

CVE-2015-7218

CVE-2015-7218 affects Mozilla Firefox before 43.0. The HTTP/2 implementation allows remote DoS via a single-byte header frame that triggers integer underflow and incorrect memory allocation, leading to an assertion and application exit. Public advisories (e.g., Mageia/OpenSUSE/Fedora/Nessus-docum...

5CVSS6.8AI score0.02888EPSS
Exploits0References11Affected Software2
exploitpack
exploitpack
added 2015/12/16 12:0 a.m.17 views

Wireshark - wmem_alloc Assertion Failure

Wireshark - wmemalloc Assertion Failure Source: https://code.google.com/p/google-security-research/issues/detail?id=662 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...

7.4AI score
Exploits0
Rows per page
Query Builder