CVE-2012-0879

CVE-2012-0879 affects the Linux kernel prior to 2.6.33, where the I/O implementation for block devices mishandles the CLONE_IO feature. Local attackers can create multiple processes sharing an I/O context, causing I/O instability and a denial of service. The vulnerability is evidenced across mult...

CVE-2012-0879

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONEIO feature, which allows local users to cause a denial of service I/O instability by starting multiple processes that share an I/O context...

Mikrotik Router Denial Of Service

!/usr/bin/python Exploit Title: Mikrotik Router Remote Denial Of Service attack Date: 19/4/2012 Author: PoURaN @ 133tsec.com Software Link: http://www.mikrotik.com Version: All mikrotik routers with winbox service enabled are affected still a 0day 30/5/2012 Tested on: Mikrotis RouterOS 2.9.6 up t...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1426-1)

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Barwolf discovered a flaw in the KVM kernel-based virtual machin...

CVE-2012-0879

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONEIO feature, which allows local users to cause a denial of service I/O instability by starting multiple processes that share an I/O context...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6666)

The Mozilla Firefox 3.5.5 release fixes some instability issues caused by the 3.5.4 security upgrade. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49888;...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1597)

The Mozilla Firefox 3.5.5 release fixes some instability issues caused by the 3.5.4 security upgrade. One crash was assigned a CVE number: CVE-2009-3978: The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to...

SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1563)

The Mozilla Firefox 3.5.5 release fixes some instability issues caused by the 3.5.4 security upgrade. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell,...

Oracle Database Server SQL Injection In Package SYS.KUPV (CVE-2006-0586)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

BGP implementations do not properly handle UPDATE messages

Overview BGP implementations from multiple vendors including Juniper may not properly handle specially crafted BGP UPDATE messages. These vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service. Disrupting BGP communication could lead to routing instability...

3proxy double free vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 3proxy double free vulnerability Security Advisory Advisory: ADLAB-07006 3proxy double free vulnerability Class: Design Error DATE:10/22/2007 CVEID:CVE-2007-5622 Vulnerable: 3proxy =0.5.3i Vendor: http://www.3proxy.ru/ I.Synopsis A vulnerability has...

Code injection

rvd in TIBCO Rendezvous RV 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service network instability via a subject name with a leading 1 '' asterisk or 2 '' greater than wildcard character...

CVE-2007-4161

CVE-2007-4161 affects TIBCO Rendezvous (RV) 7.5.2. When -no-lead-wc is omitted, a remote attacker could cause a denial of service (network instability) by using a subject name beginning with a wildcard ("*" or ">"). The provided documents do not include concrete exploit details, affected build...

Microsoft IIS 6.0 (/AUX/. aspx) Remote Denial of Service Exploit-vulnerability warning-the black bar safety net

When sending multiple parallel GET requests to a IIS 6.0 server requesting /AUX/. aspx the server gets instable and non responsive. This happens only to servers which respond a runtime error System. Web. HttpException and take two or more seconds to respond to the /AUX/. aspx GET request. signed,...

Code injection

Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers to cause a denial of service application instability via certain invalid strings in the URL attribute of an ENCLOSURE element, as demonstrated by a "%s" sequence, a "%Y" sequence, a "%%" sequence, and an "n," sequence...

Microsoft Windows csrss (?) memory corruption exploited in-the-wild

Dear [email protected], On one of Russian forum security vulnerability is discussed in Microsoft Windows Windows XP is tested. A vulnerability is caused by memory corruption is string beginning with "?" is send thorugh MessageBox API with MBSERVICENOTIFICATION flag. It looks like some "debug"...

CVE-2006-3465

Unspecified vulnerability in the custom tag support for the TIFF library libtiff before 3.8.2 allows remote attackers to cause a denial of service instability or crash and execute arbitrary code via unknown vectors...

CVE-2006-3465

Unspecified vulnerability in the custom tag support for the TIFF library libtiff before 3.8.2 allows remote attackers to cause a denial of service instability or crash and execute arbitrary code via unknown vectors...

w3wp-dos.txt

--0-1633069887-1142992701=:20251 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sorry, if you are receiving multiple copies of it. Just resending as the one that I sent last night has not yet appeared. w3wp remote DoS due to improper reference of STA COM components i...

DOS во встроенном NAT сервере Windows 2000

Обнаружил dos во встроенном NAT сервере Windows 2000 Конфигурация проверенных серверов: Windows 2000 English Standard/Advanced Service Pack 4 + Update Rollup 1 for Service Pack 4 с установленным NAT сервером. При прохождении ip пакетов через сервер, с включенной опцией "Loose Source and Record...