21 matches found
RHEL 10 : python-kdcproxy (RHSA-2025:21142)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21142 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
EUVD-2018-10983
Malware in sbrugna...
EUVD-2002-0817
Malware in sbrugna...
Missing Authentication for Critical Function
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
Design/Logic Flaw
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
Security update for python-mysql-connector-python (moderate)
openSUSE Security Update: Security update for python-mysql-connector-python Announcement ID: openSUSE-SU-2020:0409-1 Rating: moderate References: 1122204 Cross-References: CVE-2019-2435 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: Thi...
Code injection
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses...
CVE-2014-8182
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses...
CVE-2014-8182
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses...
CVE-2014-8182
CVE-2014-8182 concerns OpenLDAP 2.4 slapd when processing DNS SRV messages. An off-by-one error can cause a crash if the dnssrv backend is used, allowing a remote attacker to crash the service with crafted DNS responses. The available connected sources confirm the affected software (OpenLDAP 2.4/...
FreeBSD : asterisk -- Remote crash vulnerability DNS SRV and NAPTR lookups (c6fb2734-e835-11e8-b14b-001999f8d30b)
The Asterisk project reports : There is a buffer overflow vulnerability in dnssrv and dnsnaptr functions of Asterisk that allows an attacker to crash Asterisk via a specially crafted DNS SRV or NAPTR response. The attackers request causes Asterisk to segfault and crash. C Tenable Network Security...
Buffer overflow
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...
CVE-2018-19278
CVE-2018-19278 affects Digium Asterisk 15.x (before 15.6.2) and 16.x (before 16.0.1). The issue is a buffer overflow in DNS SRV and NAPTR lookups, caused by a mismatch between the buffer size and the compressed vs expanded length, which can be triggered by specially crafted DNS responses and may ...
CVE-2002-0825
Buffer overflow in the DNS SRV code for nssldap before nssldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code...
DEBIAN-CVE-2002-0825
Buffer overflow in the DNS SRV code for nssldap before nssldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code...