290 matches found
CVE-2015-1142857
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before...
CVE-2015-1142857
CVE-2015-1142857 describes a network-virtualization flaw where VFs assigned to guests can cause ethernet flow-control pause frames to be sent via the PF on SR-IOV NICs. The vulnerability affects multiple drivers and firmware families: Linux ixgbe (before commit f079fa005aae08ee0e1bc32699874ff4f02...
CVE-2015-1142857
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before...
[SECURITY] Fedora 26 Update: openvswitch-2.7.3-2.fc26
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
CVE-2017-14297
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000002f35."...
Race condition
A vulnerability in the Session Initiation Protocol SIP of the Cisco TelePresence Codec TC and Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerabili...
Cisco TelePresence CE and TC Software 'SIP' DoS Vulnerability (cisco-sa-20170607-tele)
Cisco TelePresence Endpoint is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
httpd: mod_http2 denial-of-service by thread starvation
A denial of service flaw was found in httpd's modhttp2 module. A remote attacker could use this flaw to block server threads for long times, causing starvation of worker threads, by manipulating the flow control windows on streams...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the drivers/media/platform/msm/camerav2/isp/msmispaxiutil.c component of Qualcomm’s Android operating system is related to the lack of flow control checks. Exploiting this vulnerability allows a remote attacker to enhance their privileges through a specially created applicati...
Apache HTTP Server 2.4.x < 2.4.23 Multiple Vulnerabilities
Binary data 9394.prm...
DEBIAN-CVE-2016-1546
The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...
CVE-2016-1546
The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...
CVE-2016-1546
The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...
Generalized SQL Injection Vulnerability in Flow Control Routing of CoQin Technology
Since its inception over 15 years ago, Co-Tech has evolved from a manufacturer of high-end modems to a strong competitor in the broadband solutions space. A generalized SQL injection vulnerability exists in the flow control routing of Welkin Technologies. It allows attackers to utilize commonly...
百为流控路由设计不当 可任意添加管理员
POST /goform/webForm HTTP/1.0 Referer: ...:2011/advance/adminuser.htm?v=20130320 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Accept: / Accept-Language: zh-CN Proxy-Connection: Keep-Alive User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; Trident/7.0; rv:11.0 like...
Is it possible to optimize SSH or SFTP connections?
QUESTION: Is it possible to optimize SSH or SFTP connections? ANSWER: SSH and SFTP are encrypted traffic: SSH one-time encrypted data stream and SFTP goes over the SSH port CloudBridge can only optimize with flow-control-only but won't be able to compress it...
PT-2016-2318
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.17 through 2.4.18 Description The issue is related to resource management errors in the Apache HTTP Server. It allows a remote attacker to cause a denial of service by modifying flow-control windows, leading to ...
Apache Httpd < 2.4.20 : mod_http2: denial of service by thread starvation
By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18...
Potential Vulnerability with Intel® LAN Products with SR-IOV
Summary: A potential issue impacting Intel® LAN products with SR-IOV capability is expected to be publicly disclosed by security researchers at an industry conference on August 13, 2015. Description: In Intel® LAN products with SR-IOV capability, the potential exists where, under specific...
The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure
The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending IEEE 802.3x control frames remotely...