2466 matches found
Design/Logic Flaw
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...
CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...
CVE-2011-1465
The SPDY implementation in net/http/httpnetworktransaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service application exit by canceling a stream...
kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...
DEBIAN-CVE-2010-4022
The dostandalone function in the MIT krb5 KDC database propagation daemon kpropd in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service listening process...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. The dostandalone function in the MIT krb5 KDC database propagation daemon kpropd in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits...
krb5: kpropd unexpected termination on invalid input (MITKRB5-SA-2011-001)
The dostandalone function in the MIT krb5 KDC database propagation daemon kpropd in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service listening process...
Input validation
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service assertion failure and daemon exit via vectors related to malformed router caches and improper handling of integer values...
Code injection
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service assertion failure and daemon exit via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file...
CVE-2011-0492
CVE-2011-0492 affects Tor up to 0.2.1.29 and 0.2.2.x up to 0.2.2.21-alpha. A remote attacker can trigger a denial of service (assertion failure and daemon exit) by sending blobs that trigger a certain file size (e.g., cached-descriptors.new). Public sources confirm the issue and patching guidance...
Wireshark < 1.2.14 / 1.4.3 Multiple Vulnerabilities
The installed version of Wireshark is 1.2.x less than 1.2.14 or 1.4.x less than 1.4.3. Such versions are affected by the following vulnerabilities : - An error exists in the MAC-LTE dissector that allows a series of malformed packets to cause a buffer overflow. 5530 - An error exists in the ENTTE...
kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...
kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...
CVE-2010-4248
Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...
Linux/ARM - add root user with password - 151 bytes
Linux/ARM - add root user with password - 151 bytes. Shellcode exploit for arm platform / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- -...
Fedora 12 : php-pear-CAS-1.1.3-1.fc12 (2010-15970)
This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...
Mandriva Update for avahi MDVSA-2010:204 (avahi)
Check for the Version of avahi OpenVAS Vulnerability Test Mandriva Update for avahi MDVSA-2010:204 avahi Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2010-2951
dnsinternal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service assertion failure and daemon exit via vectors that trigger an IPv4 DNS response with the TC bit set...
CVE-2010-2951
Removed by vendor...
Media Player Classic 1.3.2189.0 DLL Hijacking Exploit
/ Mediaplayer Classic 1.3.2189.0 Dll Hijack Exploit By: Encrypt3d.M!nd Date: 25\8\2010 Download: http://mpc-hc.sourceforge.net/ Details: Compile the following code and rename it to iacenc.dll and place file with one of the affected types in the same directory of the dll Affected types: m2ts, m2t,...