EUVD-2010-3020

Malware in sbrugna...

Denial Of Service (DoS)

github.com/notaryproject/notation-go is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of temporary file operations during CRL cache updates, specifically the use of the os.Rename method, which fails when moving files across different mount points, allows an...

unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names

A flaw was found in Unbound, which is vulnerable to a novel type of "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates...

PT-2021-21330 · Varnish +5 · Varnish Cache +6

Name of the Vulnerable Software and Affected Versions: Varnish Enterprise versions 6.0.x through 6.0.8r2 Varnish Cache versions 5.x through 6.5.1 Varnish Cache versions 6.6.x through 6.6.0 Varnish Cache 6.0 LTS versions prior to 6.0.8 Description: The issue allows request smuggling and VCL...

Oracle Linux 5 : Moderate: / squid (ELSA-2007-1130)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2007-1130 advisory. 2.5.STABLE3-8.3E - fix for 410181 - CVE-2007-6239 Squid DoS in cache updates 2.5.STABLE3-7 - resolves: 238103: 'forwardedfor off' in squid.conf does not work...

Design/Logic Flaw

RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors...

CVE-2010-3018

RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors...

Squid: Denial of service

Background Squid is a multi-protocol proxy server. Description The Wikimedia Foundation reported a memory leak vulnerability when performing cache updates. Impact A remote attacker could perform numerous specially crafted requests to the vulnerable server, resulting in a Denial of Service...

squid: DoS in cache updates

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service crash via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects...

CVE-2006-3508

Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service crash, gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates...

CVE-2006-3508

Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service crash, gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates...