5 matches found
CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake
Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. Preconditions An attacker being able to reach a service which is exposing an endpoint using one of NetTcpBinding, NetNamedPipeBindin...
CVE-2021-35472
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users...
CVE-2020-7046
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop...
XenMobile Apps in authentication loop or crashing when returning to Secure Hub to do authentication
Secure Hub and apps for example Secure Mail end up in an authentication loop with Secure Hub showing the error message "Verify your credentials and try again", with the following options "Sign On" or "Quit". Sign On would bring you back to Secure Hub and start the loop all over again...
Oracle Solaris Third-Party Patch Update : vino (cve_2013_5745_input_validation)
The remote Solaris system is missing necessary patches to address security updates : - The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the...