7041 matches found
Wireshark - wmem_alloc Assertion Failure
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=662 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark...
bind: denial of service
An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible...
Wireshark - wmem_alloc Assertion Failure
Source: https://code.google.com/p/google-security-research/issues/detail?id=662 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...
CVE-2015-8000
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute...
CVE-2015-7218
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...
CVE-2015-8386
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...
SOL66871452 - PowerDNS vulnerability CVE-2015-5311
PowerDNS aka pdns Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service assertion failure and server crash via crafted query packets. CVE-2015-5311...
Apache CXF SAML Web SSO Module Authentication Bypass Vulnerability
Apache CXF is an open source service framework for the use of JAX-WS, JAX-RS and other front-end programming API compilation and development services. A security vulnerability in the SAML Web SSO module of Apache CXF allows remote attackers to bypass authentication by constructing specially craft...
powerdns: denial of service
This bug was found using afl-fuzz in the packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdnsserver process, causing a denial-of-service...
Code injection
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...
CVE-2015-3240
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...
CVE-2015-3240
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...
CVE-2006-4095
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via certain SIG queries, which cause an assertion failure when multiple RRsets are returned...
CVE-2006-5779
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service daemon crash via LDAP BIND requests with long authcid names, which triggers an assertion failure...
Network Time Protocol Daemon decodenetnum Assertion Failure (CVE-2015-7855)
A denial-of-service vulnerability exists in the Network Time Protocol daemon NTPD. The vulnerability is due to an assertion failure that can occur in decodenetnum when NTPD receives certain crafted packets. A remote, authenticated attacker can exploit this vulnerability by sending a crafted NTP...
Mac OS X : OS X Server < 5.0.15 Multiple Vulnerabilities
The remote Mac OS X host has a version of OS X Server installed that is prior to 5.0.15. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists due to an assertion flaw that is triggered when parsing malformed DNSSEC keys. An unauthenticated, remo...
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...
ntp -- 13 low- and medium-severity vulnerabilities
ntp.org reports: NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015: Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco ASIG...
Mageia: Security Advisory (MGASA-2015-0341)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache Subversion 1.7.x < 1.7.20 / 1.8.x < 1.8.12 Multiple Vulnerabilities
Binary data 8972.prm...