8 matches found
SUSE CVE-2010-3609
The extension parser in slpv2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon SLPD in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service infinite loop via a packet with a "next...
CVE-2020-7663
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...
CVE-2020-7662
websocket-extensions npm module prior to 0.1.4 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...
CVE-2020-7663
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...
Regular Expression Denial of Service (ReDoS)
Overview websocket-extensions is a generic extension manager for WebSocket connections. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. The EXTLIST variable within extension parser may take quadratic time when parsing literal backslash \ followed by...
Mandriva Update for openslp MDVSA-2012:141 (openslp)
Check for the Version of openslp OpenVAS Vulnerability Test Mandriva Update for openslp MDVSA-2012:141 openslp Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Design/Logic Flaw
The extension parser in slpv2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon SLPD in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service infinite loop via a packet with a "next...
CVE-2010-3609
The extension parser in slpv2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon SLPD in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service infinite loop via a packet with a "next...