665 matches found
Android Bluetooth - Blueborne Information Leak (2) Exploit
Exploit for Android platform in category remote exploits from pwn import import bluetooth if not 'TARGET' in args: log.info"Usage: CVE-2017-0785.py TARGET=XX:XX:XX:XX:XX:XX" exit target = args'TARGET' servicelong = 0x0100 serviceshort = 0x0001 mtu = 50 n = 30 def packetservice, continuationstate:...
DEBIAN-CVE-2016-8740
The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory consumption via crafted CONTINUATION frames in an HTTP/2 request...
CVE-2016-8740
The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory consumption via crafted CONTINUATION frames in an HTTP/2 request...
Apache Httpd < 2.4.25 : HTTP/2 CONTINUATION denial of service
The HTTP/2 protocol implementation modhttp2 had an incomplete handling of the LimitRequestFields directive. This allowed an attacker to inject unlimited request headers into the server, leading to eventual memory exhaustion...
DEBIAN-CVE-2015-8865
The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...
nghttp2 -- Out of memory in nghttpd, nghttp, and libnghttp2_asio
Nghttp2 reports: Out of memory in nghttpd, nghttp, and libnghttp2asio applications due to unlimited incoming HTTP header fields. nghttpd, nghttp, and libnghttp2asio applications do not limit the memory usage for the incoming HTTP header field. If peer sends specially crafted HTTP/2 HEADERS frames...
Kernel: fs: isofs: infinite loop in CE record entries
It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...
Kernel: fs: isofs: infinite loop in CE record entries
It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...
Kernel: fs: isofs: infinite loop in CE record entries
It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries CE. An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service...
Security update for the Linux Kernel (important)
The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed: - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could have...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
CVE-2014-9420
The rockcontinue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service infinite loop, and system crash or hang via a crafted iso9660 image...
krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application...
UBUNTU-CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
CVE-2011-4294
CVE-2011-4294 describes an open redirect flaw in Moodle’s error-message handling. In Moodle 1.9.x (before 1.9.13), 2.0.x (before 2.0.4), and 2.1.x (before 2.1.1), continuation links in error messages are not guaranteed to point to http(s) URLs of the local Moodle instance, enabling attackers to l...