3830 matches found
Multiple Vulnerabilities in Cisco Intrusion Prevention System Software (cisco-sa-20140219-ips)
According to its self-reported version, the version of the Cisco Intrusion Prevention System software running on the remote is affected by the following denial of service vulnerabilities : - The Analysis Engine can become unresponsive due to improper handling of fragmented packets processed throu...
CVE-2014-0720
Cisco IPS Software 7.1 before 7.18E4 and 7.2 before 7.22E4 allows remote attackers to cause a denial of service Analysis Engine process outage via a flood of jumbo frames, aka Bug ID CSCuh94944...
Design/Logic Flaw
Cisco IPS Software 7.1 before 7.18E4 and 7.2 before 7.22E4 allows remote attackers to cause a denial of service Analysis Engine process outage via a flood of jumbo frames, aka Bug ID CSCuh94944...
CVE-2014-0720
Cisco IPS Software 7.1 before 7.18E4 and 7.2 before 7.22E4 allows remote attackers to cause a denial of service Analysis Engine process outage via a flood of jumbo frames, aka Bug ID CSCuh94944...
Cisco IPS Software拒绝服务漏洞(CVE-2014-0720)
BUGTRAQ ID: 65669 CVECAN ID: CVE-2014-0720 Cisco IPS Software是网络入侵防御软件。 Cisco IPS处理大量的巨型帧时存在安全漏洞,未经身份验证的远程攻击者可利用此漏洞造成分析引擎进程崩溃,导致拒绝服务。 0 Cisco IPS 4200 Series Sensors 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20140219-ips)以及相应补丁: cisco-sa-20140219-ips:Multiple Vulnerabilities in Cisco IPS...
ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - A security bypass vulnerability exists in the e1000 driver in the Linux kernel due to improper handling of Ethernet frames that exceed the MTU. An unauthenticated, remote attacker can exploit this, via...
Cisco MDS 9000 NX-OS Software Denial of Service Vulnerability
A vulnerability in the supervisor of the Cisco MDS Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper handling of Virtual Router Redundancy Protocol VRRP frames. An attacker could exploit this vulnerability by...
[SECURITY] Fedora 19 Update: elinks-0.12-0.35.pre6.fc19
Elinks is a text-based Web browser. Elinks does not display any images, but it does support frames, tables and most other HTML tags. Elinks' advantage over graphical browsers is its speed--Elinks starts and exits quickly and swiftly displays Web pages...
CVE-2013-5962
The CVE-2013-5962 entry relates to the WordPress plugin Complete Gallery Manager (before 3.3.4 rev40279). Affected component: frames/upload-images.php which permits an unrestricted file upload. Root cause: uploading a file with an executable extension allows remote attackers to access the uploade...
Implement clickjacking protection on https://answers.atlassian.com/
We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to clickjacking|http://en.wikipedia.org/wiki/Clickjacking. This can be fixed by sending a X-Frame-Options header with a value of SAMEORIGIN. This will prevent answers from being displayed ...
Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled
The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...
Cisco Intrusion Prevention System Jumbo Frame Denial of Service (cisco-sa-20080618-ips)
According to its self-reported version, the version of the Cisco Intrusion Prevention System Software running on the remote host may be vulnerable to a denial of service DoS attack caused by a kernel panic. This is due to the handling of jumbo Ethernet frames when gigabit network interfaces are...
Firefox < 23.0 Multiple Vulnerabilities (Mac OS X)
The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by multiple vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...
Firefox < 23.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...
Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities (Mac OS X)
The installed version of Firefox ESR 17.x is earlier than 17.0.8 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701 - Unspecified errors exist related to HTML frames and history handling,...
CVE-2013-2881
Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...
Authentication flaw
Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...
DEBIAN-CVE-2013-4162
The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...
CVE-2011-3593
A certain Red Hat patch to the vlanhwacceldoreceive function in net/8021q/vlancore.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows remote attackers to cause a denial of service system crash via priority-tagged VLAN frames...
Design/Logic Flaw
A certain Red Hat patch to the vlanhwacceldoreceive function in net/8021q/vlancore.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows remote attackers to cause a denial of service system crash via priority-tagged VLAN frames...