Lucene search
K

7041 matches found

0day.today
0day.today
added 2015/12/16 12:0 a.m.65 views

Wireshark - wmem_alloc Assertion Failure

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=662 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark...

4.3CVSS5.7AI score0.04407EPSS
Exploits1
ArchLinux
ArchLinux
added 2015/12/16 12:0 a.m.55 views

bind: denial of service

An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible...

6.9CVSS1.8AI score0.5469EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2015/12/16 12:0 a.m.52 views

Wireshark - wmem_alloc Assertion Failure

Source: https://code.google.com/p/google-security-research/issues/detail?id=662 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2015/12/15 12:0 a.m.33 views

CVE-2015-8000

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute...

5CVSS6.9AI score0.5469EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/12/15 12:0 a.m.21 views

CVE-2015-7218

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...

5CVSS6.9AI score0.02888EPSS
Exploits0References3
NVD
NVD
added 2015/12/02 1:59 a.m.18 views

CVE-2015-8386

PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...

9.8CVSS9.7AI score0.07059EPSS
Exploits0References13
F5 Networks
F5 Networks
added 2015/11/30 12:0 a.m.43 views

SOL66871452 - PowerDNS vulnerability CVE-2015-5311

PowerDNS aka pdns Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service assertion failure and server crash via crafted query packets. CVE-2015-5311...

5CVSS5.9AI score0.67456EPSS
Exploits0References5
CNVD
CNVD
added 2015/11/19 12:0 a.m.3 views

Apache CXF SAML Web SSO Module Authentication Bypass Vulnerability

Apache CXF is an open source service framework for the use of JAX-WS, JAX-RS and other front-end programming API compilation and development services. A security vulnerability in the SAML Web SSO module of Apache CXF allows remote attackers to bypass authentication by constructing specially craft...

4CVSS8.4AI score0.05696EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2015/11/12 12:0 a.m.30 views

powerdns: denial of service

This bug was found using afl-fuzz in the packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdnsserver process, causing a denial-of-service...

5CVSS6.4AI score0.67456EPSS
Exploits0References3
Prion
Prion
added 2015/11/09 4:59 p.m.19 views

Code injection

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...

4.3CVSS6.9AI score0.02765EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2015/11/09 4:59 p.m.12 views

CVE-2015-3240

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...

4.3CVSS7.1AI score0.02765EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/11/09 4:0 p.m.23 views

CVE-2015-3240

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...

6.2AI score0.02765EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2015/10/30 10:29 a.m.22 views

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via certain SIG queries, which cause an assertion failure when multiple RRsets are returned...

7.5CVSS7.6AI score0.12551EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2015/10/30 9:34 a.m.15 views

CVE-2006-5779

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service daemon crash via LDAP BIND requests with long authcid names, which triggers an assertion failure...

7.5CVSS7.2AI score0.75373EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2015/10/29 12:0 a.m.1 views

Network Time Protocol Daemon decodenetnum Assertion Failure (CVE-2015-7855)

A denial-of-service vulnerability exists in the Network Time Protocol daemon NTPD. The vulnerability is due to an assertion failure that can occur in decodenetnum when NTPD receives certain crafted packets. A remote, authenticated attacker can exploit this vulnerability by sending a crafted NTP...

4CVSS2.5AI score0.31068EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2015/10/26 12:0 a.m.41 views

Mac OS X : OS X Server < 5.0.15 Multiple Vulnerabilities

The remote Mac OS X host has a version of OS X Server installed that is prior to 5.0.15. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists due to an assertion flaw that is triggered when parsing malformed DNSSEC keys. An unauthenticated, remo...

7.8CVSS7AI score0.33652EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2015/10/22 12:0 a.m.39 views

CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...

6.5CVSS6.8AI score0.31068EPSS
Exploits4References3
FreeBSD
FreeBSD
added 2015/10/21 12:0 a.m.96 views

ntp -- 13 low- and medium-severity vulnerabilities

ntp.org reports: NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015: Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco ASIG...

9.8CVSS6.8AI score0.81762EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.31 views

Mageia: Security Advisory (MGASA-2015-0341)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.33652EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/10/13 12:0 a.m.32 views

Apache Subversion 1.7.x < 1.7.20 / 1.8.x < 1.8.12 Multiple Vulnerabilities

Binary data 8972.prm...

7.8CVSS6.5AI score0.12841EPSS
Exploits0References9
Rows per page
Query Builder