CVE-2002-1586

Solaris 2.5.1 through 9 allows local users to cause a denial of service kernel panic by setting the sdstruiowrq variable in the struioget function to null, which triggers a null dereference...

[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 201-1 [email protected] http://www.debian.org/security/ Martin Schulze December 2nd, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 201-1 [email protected] http://www.debian.org/security/ Martin Schulze December 2nd, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 201-1] New Free/SWan packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 201-1 [email protected] http://www.debian.org/security/ Martin Schulze December 2nd, 2002 http://www.debian.org/security/faq -...

DSA-201 freeswan - denial of service

Bulletin has no description...

CVE-2002-0666

IPSEC implementations including 1 FreeS/WAN and 2 KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service kernel panic via spoofed, short Encapsulating Security Payload ESP packets, which result in integer signedness errors...

CVE-2002-0666

CVE-2002-0666 affects multiple IPsec implementations (notably FreeS/WAN and KAME). The root cause is incorrect calculation of the authentication data length for very small ESP datagrams, which can result in an unsigned integer overflow and cause a kernel panic (remote denial of service). The NVD/...

NetBSD Security Advisory 2002-016: Insufficient length check in ESP authentication data

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-016 ================================= Topic: Insufficient length check in ESP authentication data Version: NetBSD-current: source prior to August 23, 2002 NetBSD-1.6 beta: source prior to August 23, 2002 NetBSD-1.5.3: affected...

Multiple IPsec implementations do not adequately validate authentication data

Overview IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. Description For background: RFC 2401 Security Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC...

CVE-2002-0831

The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service kernel panic via a pipe call in which one end is terminated and an EVFILTWRITE filter is registered for the other end...

Security Advisory FreeBSD-SA-02:37.kqueue

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:37.kqueue Security Advisory The FreeBSD Project Topic: local users can panic the system using the kqueue mechanism Category: core Module: kqueue Announced: 2002-08-05...

HP-UX kernel specifies incorrect arguments for setrlimit()

Overview A problem exists in some versions of the HP-UX kernel allowing an intruder to cause kernel panics. Description Certain versions of HP-UX setrlimit system call contain a vulnerability that permits an intruder to cause kernel panics or compromise the system. Quoting from HP Security Bullet...

CVE-2001-0993

NetBSD 1.3–1.5 is affected in the kernel sendmsg path where a msghdr with a large msg_controllen can trigger a local denial of service (kernel trap or panic). The underlying vulnerability is a kernel instability when processing msghdr data in sendmsg, leading to DoS for local users. Public source...

CVE-1999-1339

Vulnerability when Network Address Translation NAT is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service kernel panic via a ping -R record route command...

CVE-1999-1339

CVE-1999-1339 affects Linux 2.2.10 and earlier (with ipchains) and FreeBSD 3.2 (with ipfw). The issue is triggered by a crafted ping -R (record route) packet, causing a remote attacker to induce a kernel panic and denial of service. The vulnerability arises from how NAT is handled when enabled, a...

FreeBSD-SA-02:09.fstatfs

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:09 Security Advisory FreeBSD, Inc. Topic: fstatfs race condition may allow local denial of service via procfs Category: core Module: kernel Announced: 2002-02-06 Credits:...

CVE-2001-1047

OpenBSD kernel VFS is impacted by a race condition that can lead to a local denial of service (kernel panic). The vulnerability arises when (1) a pipe is created in one thread and another thread closes/sets a descriptor to NULL, or (2) dup2 is used on a descriptor in one process and it is later s...

CVE-2001-1047

Race condition in OpenBSD VFS allows local users to cause a denial of service kernel panic by 1 creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or 2 calling dup2 on a file descriptor in one process, then setting the descriptor to NU...

RH Linux Tux HTTPD DoS

TUX HTTPD Denial of Service Condition ============================= Background: ------------- Tux is a Kernel-Space HTTP server coded for optimal performance IRQ Affinity,HTTP compression, direct scatter-gather DMA etc. It is meant to be used as the main HTTP server for static objects with reques...

RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service

source: https://www.securityfocus.com/bid/3506/info TUX is a kernel based HTTP server released under the GNU General Public License. It is able to serve static content, cache dynamic content, and coordinate with other HTTP servers to produce dynamic content. An error exists when the TUX daemon...