bind: heavy DNSSEC validation load can cause assertion failure

ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service assertion...

CVE-2012-3570

Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service segmentation fault and daemon exit via a crafted client identifier parameter...

CVE-2012-3868

Race condition in the nsclient structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service memory consumption or process exit via a large volume of TCP queries...

Race condition

Race condition in the nsclient structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service memory consumption or process exit via a large volume of TCP queries...

CVE-2012-3817

ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service assertion...

CVE-2012-3570

Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service segmentation fault and daemon exit via a crafted client identifier parameter...

CVE-2012-1164

slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service assertion failure and daemon exit via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned...

ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...

ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability

This module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to the server to overwrite the hardcoded function pointer from Ws232.dll!WSACleanup. Once this function pointer is triggered, the cod...

CVE-2012-1820

Summary of CVE-2012-1820 : In Quagga, the bgpd daemon (versions up to 0.99.20.1 and earlier) incorrectly processes the BGP ORF capability in OPEN messages, allowing a remote attacker with a configured BGP peer to trigger an assertion failure and crash bgpd, causing a denial of service. The root c...

CVE-2012-1820

The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN message...

CVE-2012-0249

Removed by vendor...

Linux x86_64 - add user with passwd (189 bytes)

No description provided by source. ;scadduser01.S ;Arch: x8664, Linux ; ;Author: 0o -- nullnull ; nu11.nu11 at yahoo.com ;Date: 2012-03-05 ; ;compile an executable: nasm -f elf64 scadduser.S ; ld -o scadduser scadduser.o ;compile an object: nasm -o scadduserobj scadduser.S ; ;Purpose: adds user...

Linux x86_64 - add user with passwd 189 bytes

Linux x8664 - add user with passwd 189 bytes. Shellcode exploit for linx86-64 platform ;scadduser01.S ;Arch: x8664, Linux ; ;Author: 0o -- nullnull ; nu11.nu11 at yahoo.com ;Date: 2012-03-05 ; ;compile an executable: nasm -f elf64 scadduser.S ; ld -o scadduser scadduser.o ;compile an object: nasm...

CVE-2011-4313

Description summary: CVE-2011-4313 affects ISC BIND 9.0.x–9.9.0b1 and can cause a remote denial of service (assertion failure and named exit) triggered by certain recursive DNS query handling and the caching of an invalid record. Root cause / impact: the issue is tied to the resolver’s processing...

bind: Remote denial of service against recursive servers via logging negative cache entry

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...

Mandriva Update for krb5 MDVSA-2011:160 (krb5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for krb5 MDVSA-2011:160 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2011:160 krb5 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Linux Security Advisory : krb5 (MDVSA-2011:160)

Multiple vulnerabilities has been found and corrected in krb5 : The krb5ldaplockoutaudit function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service assertion...

Design/Logic Flaw

The krb5db2lockoutaudit function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8 through 1.8.4, when the db2 aka Berkeley DB back end is used, allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors, a different vulnerabilit...