nodejs: Nodejs denial of service

A denial of service flaw has been discovered in NodeJS. A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of...

php: Streams HTTP wrapper does not fail for headers with invalid name and no colon

A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon :, which may confuse applications into processing them as valid headers...

Node.js security vulnerabilities

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There are security vulnerabilities in Node.js, which stem from unhandled TLSSocket errors when processing malformed HTTP/2 HEADERS frames. These vulnerabilities can lead to process crashes...

EUVD-2018-18998

Malware in sbrugna...

EUVD-2006-5860

Malware in sbrugna...

EUVD-2007-4600

Malware in sbrugna...

SUSE-SU-2018:2299-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-10861: Fix ceph-mon authorization on OSD pool ops bsc1099162. - CVE-2018-1128: Fix cephx signature check bypass bsc1096748. - CVE-2018-1129: Fix cephx protocol vulnerability to replay attack bsc1096748. -...

Red Hat Ceph Denial of Service Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure based on POSIX Portable Operating System Interface so that data can be fault-tolerant and seamlessly replicated...

Apache HTTP Server error handling malformed HTTP headers Denial of Service (CVE-2014-0117)

A denial of service vulnerability has been reported in Apache HTTP server. The vulnerability is due to an error handling malformed HTTP headers. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the target server...

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...

CVE-2001-1245

Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name...

CVE-2001-1245

Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name...