CVE-2012-1820

The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN message...

CVE-2012-1820

Summary of CVE-2012-1820 : In Quagga, the bgpd daemon (versions up to 0.99.20.1 and earlier) incorrectly processes the BGP ORF capability in OPEN messages, allowing a remote attacker with a configured BGP peer to trigger an assertion failure and crash bgpd, causing a denial of service. The root c...

CVE-2012-1820

The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN message...

CVE-2012-1327

dot11t/tifdot11halath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service assertion failure and reboot via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391...

Code injection

dot11t/tifdot11halath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service assertion failure and reboot via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391...

CVE-2012-0249

Buffer overflow in the ospflsupdlistlsa function in ospfpacket.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a Link State Update aka LS Update packet that is smaller than the length...

Buffer overflow

Buffer overflow in the ospflsupdlistlsa function in ospfpacket.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a Link State Update aka LS Update packet that is smaller than the length...

CVE-2012-0249

Removed by vendor...

Fedora Update for opensaml FEDORA-2011-12815

Check for the Version of opensaml OpenVAS Vulnerability Test Fedora Update for opensaml FEDORA-2011-12815 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

GLSA-201203-12 : OpenSSL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201203-12 OpenSSL: Multiple vulnerabilities Multiple vulnerabilities have been found in OpenSSL: Timing differences for decryption are exposed by CBC mode encryption in OpenSSLs implementation of DTLS CVE-2011-4108. A policy check...

ImageMagick security and bug fix update

6.2.8.0-12.el5 - Add fix for CVE-2010-4167 767142 6.2.8.0-11.el5 Fix assertion failed when using 'identify -verbose' when theres no image information available 502626 6.2.8.0-10.el5 Fix memory allocation failure when using color option 616538 Fix hang when converting broken GIF 693989 Fix...

ISC BIND Crafted ANY Request Response Multiple RRsets DoS

The version of BIND installed on the remote host suggests that it suffers from a denial of service vulnerability that could be triggered by sending a large volume of recursive queries that return multiple RRsets in the answer section, triggering assertion checks. To be vulnerable you need to have...

FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)

The OpenSSL Team reports : 6 security flaws have been fixed in OpenSSL 1.0.0f : If X509VFLAGPOLICYCHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. OpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. As ...

Vulnerability in OpenSSL - Malformed RFC 3779 Data Can Cause Assertion Failures

RFC 3779 data can be included in certificates, and if it is malformed, may trigger an assertion failure. This could be used in a denial-of-service attack. Builds of OpenSSL are only vulnerable if configured with “enable-rfc3779”, which is not a default. Found by Andrew Chi...

MIT Kerberos 5 DoS

TGS Null pointer dereference. TGS assertion failure...

Important: bind

Issue Overview: A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Affected...

CVE-2011-4313

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...

CVE-2011-4313

Description summary: CVE-2011-4313 affects ISC BIND 9.0.x–9.9.0b1 and can cause a remote denial of service (assertion failure and named exit) triggered by certain recursive DNS query handling and the caching of an invalid record. Root cause / impact: the issue is tied to the resolver’s processing...

Mandriva Update for bind MDVSA-2011:176-2 (bind)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

bind, caching security update

CentOS Errata and Security Advisory CESA-2011:1458 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS bas...