Debian DSA-1732-1 : squid3 - denial of service

Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVE-2009-0770

CVE-2009-0770 affects dkim-milter 2.6.0 through 2.8.0, where a DKIM signing operation using a DNS-revoked key can trigger an assertion error and cause a denial of service (crash). Related connected sources (Debian DSA-1728-1, OpenVAS entry) indicate a fixed/update is available; practitioners shou...

DSA-1732-1 squid3 - denial of service

Bulletin has no description...

Ubuntu: Security Advisory (USN-724-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1728-1] New dkim-milter packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1728-1 [email protected] http://www.debian.org/security/ Florian Weimer February 27, 2009 http://www.debian.org/security/faq -...

CVE-2009-0506

Unspecified vulnerability in IBM WebSphere Application Server WAS 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans EJB interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via...

CVE-2009-0506

Unspecified vulnerability in IBM WebSphere Application Server WAS 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans EJB interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via...

CVE-2009-0506

CVE-2009-0506 affects IBM WebSphere Application Server 5.1 and 6.0.2 before 6.0.2.33 on z/OS when CSIv2 Identity Assertion is enabled and EJB interaction occurs between a WAS 6.1 instance and a pre-6.1 instance. The vulnerability allows local users to cause an unknown impact via two vectors: (1) ...

Design/Logic Flaw

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in 1 HttpMsg.c and 2 HttpStatusLine.c...

DEBIAN-CVE-2009-0478

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in 1 HttpMsg.c and 2 HttpStatusLine.c...

CVE-2009-0478

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in 1 HttpMsg.c and 2 HttpStatusLine.c...

D-Bus Daemon < 1.2.4 (libdbus) Denial of Service Exploit

No description provided by source. / cve-2008-3834.c D-Bus Daemon Denial of Service 1.2.4 Jon Oberheide [email protected] http://jon.oberheide.org Usage: $ gcc pkg-config dbus-1 --cflags cve-2008-3834.c pkg-config dbus-1 --libs -o cve-2008-3834 $ ./cve-2008-3834 Information:...

GLSA-200901-11 : Avahi: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200901-11 Avahi: Denial of Service Hugo Dias reported a failed assertion in the originatesfromlocallegacyunicastsocket function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact : A remote attacke...

Avahi: Denial of service

Background Avahi is a system that facilitates service discovery on a local network. Description Hugo Dias reported a failed assertion in the originatesfromlocallegacyunicastsocket function in avahi-core/server.c when processing mDNS packets with a source port of 0. Impact A remote attacker could...

RedHat Security Advisory RHSA-2009:0020

The remote host is missing updates announced in advisory RHSA-2009:0020. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSAdoverify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation...

D-Bus: Denial of service

Background D-Bus is a daemon providing a framework for applications to communicate with one another. Description schelte reported that the dbussignaturevalidate function can trigger a failed assertion when processing a message containing a malformed signature. Impact A local user could send a...

Layout engine crashes - Firefox 2 and 3

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...

Avahi 0.6.24 - mDNS Daemon Remote Denial of Service

Avahi 0.6.24 - mDNS Daemon Remote Denial of Service / cve-2008-5081.c Avahi mDNS Daemon Remote DoS http://jon.oberheide.org Usage: gcc cve-2008-5081.c -ldnet -o cve-2008-5081 ./cve-2008-5081 1.2.3.4 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 Crafted mDNS packet with...

Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit

Exploit for multiple platform in category dos / poc ============================================================= Avahi http://jon.oberheide.org Usage: gcc cve-2008-5081.c -ldnet -o cve-2008-5081 ./cve-2008-5081 1.2.3.4 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081...

CVE-2008-5500

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to 1 a reachable assertion or 2 an...