Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2021-3909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the...

7.5CVSS7.2AI score0.01512EPSS
Exploits0References2
Debian
Debian
added 2022/01/11 9:54 p.m.61 views

[SECURITY] [DSA 5041-1] cfrpki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5041-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2022 https://www.debian.org/security/faq -...

9.8CVSS7.8AI score0.04065EPSS
Exploits0
Debian
Debian
added 2021/12/30 7:35 p.m.52 views

[SECURITY] [DSA 5033-1] fort-validator security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5033-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 30, 2021 https://www.debian.org/security/faq -...

9.8CVSS7.3AI score0.04065EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/11/11 10:15 p.m.24 views

CVE-2021-3909

OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip...

7.5CVSS7.1AI score0.01512EPSS
Exploits0References4
CVE
CVE
added 2021/11/11 9:45 p.m.87 views

CVE-2021-3909

CVE-2021-3909 affects OctoRPKI: the vulnerable component does not bound connection length, enabling a slowloris-style DOS where the target repository keeps the HTTP connection open (up to about a day) while drip-feeding data. This can cause the OctoRPKI service to hang, impacting availability. Co...

7.5CVSS5.8AI score0.01512EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/11/11 9:45 p.m.25 views

CVE-2021-3909 Infinite open connection causes OctoRPKI to hang forever

OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip...

4.4CVSS8.7AI score0.01512EPSS
Exploits0References3
Rows per page
Query Builder