Lucene search
+L

44 matches found

OSV
OSV
added 2024/10/29 2:33 p.m.4 views

GHSA-3F84-RPWH-47G6 Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion

Impact When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt ...

8.7CVSS5.9AI score0.01386EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.6 views

Waitress 安全漏洞

Waitress is a production-quality, pure Python WSGI server from the Pylons project. A security vulnerability existed prior to Waitress version 3.0.1, which stemmed from the fact that if a remote client closed a connection before waitress called getpeername, waitress would fail to clean up the...

7.5CVSS7.4AI score0.01386EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.9 views

PT-2023-9786

Name of the Vulnerable Software and Affected Versions: Waitress versions prior to 3.0.1 Description: The issue is related to the getpeername function in the Waitress WSGI server for Python. When a remote client closes the connection before Waitress has the opportunity to call getpeername, it fail...

9.1CVSS6.5AI score0.01386EPSS
Exploits0References57
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.8 views

kernel: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...

5.5CVSS6.7AI score0.00153EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.4 views

SUSE CVE-2006-1342

net/ipv4/afinet.c in Linux kernel 2.4 does not clear sockaddrin.sinzero before returning IPv4 socket names from the 1 getsockname, 2 getpeername, and 3 accept functions, which allows local users to obtain portions of potentially sensitive memory...

2.1CVSS6.4AI score0.00712EPSS
Exploits0References4
OSV
OSV
added 2022/11/14 7:19 p.m.5 views

GSD-2022-1007259 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()

scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/11/14 7:1 p.m.11 views

GSD-2022-1007058 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()

scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.1 views

PT-2022-35053 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a null pointer dereference while calling getpeername in the iscsi tcp component of the Linux Kernel. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/02 4:0 a.m.37 views

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS5.4AI score0.00934EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2011/05/23 12:0 a.m.25 views

Perl Denial of Service Vulnerability (Windows)

The host is installed with Perl and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbperldosvulnwin.nasl 7029 2017-08-31 11:51:40Z teissa $ Perl Denial of Service Vulnerability Windows Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH,...

5CVSS7.5AI score0.08749EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2011/05/19 11:20 a.m.6 views

Python: SMTP proxy RFC 2821 module DoS (uncaught exception) (Issue #9129)

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None...

4.3CVSS7.2AI score0.02774EPSS
Exploits0References4
NVD
NVD
added 2011/05/13 5:5 p.m.21 views

CVE-2011-0761

Perl 5.10.x allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash by leveraging an ability to inject arguments into a 1 getpeername, 2 readdir, 3 closedir, 4 getsockname, 5 rewinddir, 6 tell, or 7 telldir function call...

5CVSS6.4AI score0.08749EPSS
Exploits1References6
Prion
Prion
added 2011/05/13 5:5 p.m.17 views

Null pointer dereference

Perl 5.10.x allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash by leveraging an ability to inject arguments into a 1 getpeername, 2 readdir, 3 closedir, 4 getsockname, 5 rewinddir, 6 tell, or 7 telldir function call...

5CVSS6.9AI score0.08749EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2011/05/13 5:0 p.m.37 views

CVE-2011-0761

Perl 5.10.x allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash by leveraging an ability to inject arguments into a 1 getpeername, 2 readdir, 3 closedir, 4 getsockname, 5 rewinddir, 6 tell, or 7 telldir function call...

6.3AI score0.08749EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2011/05/05 6:16 p.m.8 views

Python: SMTP proxy RFC 2821 module DoS (uncaught exception) (Issue #9129)

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None...

4.3CVSS7.2AI score0.02774EPSS
Exploits0References4
NVD
NVD
added 2010/10/19 8:0 p.m.21 views

CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS6.3AI score0.00934EPSS
Exploits0References4
OSV
OSV
added 2010/10/19 8:0 p.m.1 views

DEBIAN-CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS7AI score0.00934EPSS
Exploits0References1
OSV
OSV
added 2010/10/19 8:0 p.m.11 views

CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

6.2AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2010/10/19 8:0 p.m.1 views

CVE-2009-5011

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS5.6AI score0.01582EPSS
Exploits0References5
Prion
Prion
added 2010/10/19 8:0 p.m.27 views

Race condition

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerabilit...

4.3CVSS6.6AI score0.01582EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder