293 matches found
Apache Httpd < 2.4.20 : mod_http2: denial of service by thread starvation
By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18...
Potential Vulnerability with Intel® LAN Products with SR-IOV
Summary: A potential issue impacting Intel® LAN products with SR-IOV capability is expected to be publicly disclosed by security researchers at an industry conference on August 13, 2015. Description: In Intel® LAN products with SR-IOV capability, the potential exists where, under specific...
The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure
The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending IEEE 802.3x control frames remotely...
Cisco ASR 9000 IOS XR Resource Management Error Vulnerability
Cisco IOS XR on ASR 9000 is a set of operating systems from Cisco that run in the 9000 series router devices. A security vulnerability exists in Cisco IOS XR version 5.3.1 for Cisco ASR 9000 devices. A remote attacker can exploit this vulnerability to cause a denial of service NPU chip reset or...
CVE-2015-4205
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...
Design/Logic Flaw
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...
CVE-2015-4205
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...
Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability
A vulnerability in flow control processing of Cisco IOS XR Software for Cisco ASR 9000 Series Routers could allow an unauthenticated, adjacent attacker to cause a Network Processing Unit NPU chip reset and potentially a reload of the affected line card. The vulnerability is due to improper...
bash: off-by-one error in deeply nested flow control constructs
An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...
bash: off-by-one error in deeply nested flow control constructs
An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...
FreeBSD : bash -- out-of-bounds memory access in parser (4a4e9f88-491c-11e4-ae2c-c80aa9043978)
RedHat security team reports : It was discovered that the fixed-sized redirstack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code. An off-by-one...
bash: off-by-one error in deeply nested flow control constructs
An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...
bash: off-by-one error in deeply nested flow control constructs
An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...
bash: off-by-one error in deeply nested flow control constructs
An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...
bash -- out-of-bounds memory access in parser
RedHat security team reports: It was discovered that the fixed-sized redirstack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code. An off-by-one...
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow Exploit Title: Easy File Sharing Web Server 6.8 stack buffer overflow Date: 10 May 2014 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.efssoft.com Software Link:...
kernel security update
CentOS Errata and Security Advisory CESA-2014:0108 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring Syste...
RHEL 5 : kernel (RHSA-2014:0108)
Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
kernel security and bug fix update
kernel 2.6.18-371.4.1 - char ipmi: fix message handling during panics Tony Camuso 1049731 995293 - net igb: Use 32bit mask calculating the flow control watermarks Stefan Assmann 1041694 1036115 - fs NTLM auth and sign - Use appropriate server challenge Sachin Prabhu 1029865 1018286 - xen gnttab:...
CVE-2012-5573
The connectionedgeprocessrelaycell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service memory consumption or excessive cell reception rate or bypass intended flow-control...