Lucene search
K

39 matches found

RedHat Linux
RedHat Linux
added 2013/10/29 9:12 p.m.5 views

Mozilla: Use-after-free when updating offline cache (MFSA 2013-98)

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...

10CVSS7AI score0.06273EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/07/25 12:0 a.m.29 views

PowerDNS Recursor 3.3.x / 3.4.x / 3.5 RC1 Cache Update Policy Deleted Domain Name Resolving Weakness

According to its self-reported version number, the version of the PowerDNS Recursor service listening on the remote host is 3.3.x, 3.4.x, or 3.5 RC1. It is, therefore, affected by a ghost domain names vulnerability in the resolver service due to overwriting cached name servers and TTL values in N...

6.4CVSS5.5AI score0.0594EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2013/05/10 12:0 a.m.14 views

ISC BIND 9 Cache Update Policy Deleted Domain Name Resolving Weakness

Binary data 6805.prm...

5CVSS7.3AI score0.13538EPSS
Exploits1References6
Gentoo Linux
Gentoo Linux
added 2012/09/24 12:0 a.m.45 views

BIND: Multiple vulnerabilities

Background BIND is the Berkeley Internet Name Domain Server. Description Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy CVE-2012-1033. BIND accepts records with zero-length RDATA fields CVE-2012-1667. An...

8.5CVSS8.2AI score0.36798EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2012/09/24 12:0 a.m.40 views

GLSA-201209-04 : BIND: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201209-04 BIND: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy CVE-2012-1033. BIND accepts records with zero-length...

8.5CVSS6.8AI score0.36798EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.25 views

Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20120607)

"The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc'; include'compat.inc'; if...

8.5CVSS6.8AI score0.13538EPSS
Exploits2References3
NVD
NVD
added 2010/09/09 10:0 p.m.20 views

CVE-2010-3018

RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors...

4.3CVSS6.2AI score0.00978EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/01/21 12:0 a.m.35 views

Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a Col element is used within an...

10CVSS1.9AI score0.20759EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.25 views

Mandriva Linux Security Advisory : squid (MDVSA-2008:134)

An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of service CVE-2008-1612. The updated packages have...

5CVSS5.4AI score0.26858EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.24 views

Mandriva Update for squid MDVSA-2008:134 (squid)

Check for the Version of squid OpenVAS Vulnerability Test Mandriva Update for squid MDVSA-2008:134 squid Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS6.6AI score0.26858EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.22 views

Ubuntu Update for squid vulnerability USN-601-1

Ubuntu Update for Linux kernel vulnerabilities USN-601-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6011.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for squid vulnerability USN-601-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

5CVSS6.7AI score0.26858EPSS
Exploits3References2
seebug.org
seebug.org
added 2008/11/09 12:0 a.m.21 views

Discuz! $_DCACHE数组变量覆盖漏洞

由于Discuz! 的wap\index.php调用Chinese类里Convert方法在处理post数据时不当忽视对数组的处理,可使数组被覆盖为NULL.当覆盖$DCACHE时导致导致xss sql注射 代码执行等众多严重的安全问题.br / br / 一 分析br / /wap/index.phpbr / //43行br /pre$chs = ''; if$POST && $charset != 'utf-8' $chs = new Chinese'UTF-8', $charset; foreach$POST as $key = $value $$key =...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/04/15 12:0 a.m.28 views

squid proxy server DoS

assert on invalid cache update reply...

4.3CVSS1.6AI score0.02182EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2007/12/04 6:46 p.m.15 views

CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

5CVSS6.3AI score0.26858EPSS
Exploits2References27
OSV
OSV
added 2007/12/04 6:46 p.m.1 views

DEBIAN-CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

5CVSS6.9AI score0.26858EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2007/12/04 6:46 p.m.39 views

CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

5CVSS5.9AI score0.26858EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2007/12/04 6:0 p.m.41 views

CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

5CVSS4.7AI score0.26858EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/12/04 12:0 a.m.47 views

Squid < 2.6.STABLE18 Cache Update Reply Unspecified DoS

According to its banner, the version of the Squid proxy caching server installed on the remote host is older than 2.6.STABLE18. Such versions reportedly use incorrect bounds checking when processing some cache update replies. A client trusted to use the service may be able to leverage this issue ...

5CVSS5.5AI score0.26858EPSS
Exploits3References4
FreeBSD
FreeBSD
added 2007/11/28 12:0 a.m.36 views

Squid -- Denial of Service Vulnerability

Squid secuirty advisory reports: Due to incorrect bounds checking Squid is vulnerable to a denial of service check during some cache update reply processing. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service...

5CVSS6.4AI score0.26858EPSS
Exploits2
Rows per page
Query Builder