316 matches found
MGASA-2015-0422 Updated exfat-utils package fixes security vulnerabilities
Fix heap overflow and endless loop in exfatfsck exfat-utils is a collection of tools to work with the exFAT filesystem. Fuzzing the exfatfsck with american fuzzy lop led to the discovery of a write heap overflow and an endless loop. Especially at risk are systems that are configured to run...
Network Time Protocol Remote Configuration Denial of Service Vulnerability
Talos Vulnerability Report TALOS-2015-0055 Network Time Protocol Remote Configuration Denial of Service Vulnerability October 21, 2015 CVE Number CVE-2015-7850 Description An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol....
Resource Exhaustion when sanitizing filenames - ownCloud
The sanitization component for filenames was vulnerable to DoS when parsing specially crafted file names passed via specific endpoints. In effect, this led to an endless loop filling the log file until the system was no longer responsive. Affected Software ownCloud Server 6.0.8 CVE-2015-4717...
Server: Resource Exhaustion when sanitizing filenames
The sanitization component for filenames was vulnerable to DoS when parsing specially crafted file names passed via specific endpoints. In effect, this led to an endless loop filling the log file until the system was no longer responsive. For more information please consult the official advisor...
wireshark-cli: denial of service
CVE-2014-8710 out-of-bounds read Out-of-bounds read flaw in the SigComp dissector sigcomp-udvm leads to denial of service while processing malformed packets. - CVE-2014-8711 out-of-bounds read The AMQP dissector is seeing a large value in the capture file for what it thinks should be a field...
Can't push subtree
As requested in answer to my stackoverflow http://stackoverflow.com/questions/24637748/cant-push-subtree-using-sourcetree post I'm posting this potential bug here. Using a basic schema for git subtree I created 2 repositories on GitHub: "project" and "framework" and did the following: - Clone...
IBM OmniFind Crawler Denial of Service Vulnerability
No description provided by source. Crawler endless loop CVE-2010-3899 The crawler has no recursion depth limit. A site with dynamic parameter manipulation can cause an endless loop. This loop will block the crawler thread and use permanent server resources. Too many blocks can lead to a denial of...
samsung net-i ware <= 1.37 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Samsung NET-i ware http://www.samsungsecurity.com/product/productview.asp?idx=6447 http://www.samsungsecurity.com/product/productview.asp?idx=5828 Versions: = 1.37 Platforms: Windows Bugs: A Endless loop in remote services B Code...
Qt 4.6.3 "QSslSocketBackendPrivate::transmit()" Denial of Service
No description provided by source. Source: http://aluigi.org/adv/qtsslame-adv.txt Luigi Auriemma Application: Qt http://qt.nokia.com Versions: = 4.6.3 Platforms: Windows, Mac OS X, Linux, mobile devices Bug: QSSLsocket endless loop Exploitation: remote, versus server Date: 29 Jun 2010 Author: Lui...
optima apiftp server <= 1.5.2.13 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Optima APIFTP Server http://www.optimalog.com/home.html Versions: = 1.5.2.13 Platforms: Windows Bugs: A NULL pointer B endless loop Exploitation: remote Date: 13 Nov 2011 Author: Luigi Auriemma e-mail: [email protected] web:...
SAP Sybase Adaptive Server Enterprise DoS (SAP Note 1887342)
An unauthenticated, remote attacker can trigger a condition in which SAP Sybase ASE enters an endless loop, causing it to consume all of the available processing time. This causes the entire machine to become unresponsive until the process is terminated manually. An attacker can use this flaw to...
Oracle Linux 5 : kernel (ELSA-2010-0398)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0398 advisory. - xen arpl on MMIO area crashes the guest Paolo Bonzini 572979 572982 CVE-2010-0730 - misc kernel: fix elf load DoS on x86_64 Danny Feng 560552 560553...
Avira Antivir DoS
Endless loop on PDF processing...
FreeBSD : lighttpd -- remote DoS in header parsing (1cd3ca42-33e6-11e2-a255-5404a67eef98)
Lighttpd security advisory reports : Certain Connection header values will trigger an endless loop, for example : 'Connection: TE,,Keep-Alive' On receiving such value, lighttpd will enter an endless loop, detecting an empty token but not incrementing the current string position, and keep reading...
lighttpd -- remote DoS in header parsing
Lighttpd security advisory reports: Certain Connection header values will trigger an endless loop, for example: "Connection: TE,,Keep-Alive" On receiving such value, lighttpd will enter an endless loop, detecting an empty token but not incrementing the current string position, and keep reading th...
Samsung NET-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities Luigi Auriemma Application: Samsung NET-i ware http://www.samsungsecurity.com/product/productview.asp?idx=6447 http://www.samsungsecurity.com/product/productview.asp?idx=5828 Versions: = 1.37 Platforms: Windows Bugs: A Endless loop in remote...
optima apiftp server 1.5.2.13 - Multiple Vulnerabilities
optima apiftp server 1.5.2.13 - Multiple Vulnerabilities Luigi Auriemma Application: Optima APIFTP Server http://www.optimalog.com/home.html Versions: = 1.5.2.13 Platforms: Windows Bugs: A NULL pointer B endless loop Exploitation: remote Date: 13 Nov 2011 Author: Luigi Auriemma e-mail:...
optima apiftp server 1.5.2.13 - Multiple Vulnerabilities
Luigi Auriemma Application: Optima APIFTP Server http://www.optimalog.com/home.html Versions: = 1.5.2.13 Platforms: Windows Bugs: A NULL pointer B endless loop Exploitation: remote Date: 13 Nov 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs 3 The Co...
acpid DoS
Large number of connections leads to endless loop...
Microsoft Host Integration Server DoS
Uninitialized pointer dereference, endless loop...