1889 matches found

Metasploit
added 2017/11/21 9:21 p.m., 183 views

Slowloris Denial of Service Attack

Slowloris tries to keep many connections to the target web server open and hold them open as long as possible. It accomplishes this by opening connections to the target web server and sending a partial request. Periodically, it will send subsequent HTTP headers, adding to, but never completing, the...

7.1 AI score
Exploits: 0

Citrix
added 2017/10/30 12:0 a.m., 6 views

Calculate MSS Value for NetScaler SD-WAN Appliances

By default, the MSS value is defined as 1380 bytes in a NetScaler SD-WAN appliance, assuming the WAN infrastructure allows a standard IP packet maximum transmission unit (MTU) size of 1,500 bytes. Some WAN infrastructures might not provide enough space for MSS of 1380 bytes because additional protoco...

7 AI score
Exploits: 0

Veeam
added 2017/10/30 12:0 a.m., 18 views

Windows Server does not boot because of stuck MPIO/SCSI registry records in SYSTEM hive

Challenge: When a storage snapshot gets mounted to the proxy, Windows creates multiple registry records in: HKLM\SYSTEM\ControlSet001\Enum\MPIO, HKLM\SYSTEM\ControlSet001\Enum\SCSI (when Windows MPIO is disabled). The problem is that when the storage snapshot gets unmounted, Windows does not clean up registry...

6.9 AI score
Exploits: 0

OSV
added 2017/10/05 1:29 a.m., 1 views

DEBIAN-CVE-2017-1000112

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE, __ip_append_data() calls ip_ufo_append_data() to append. However, in between two send calls, the append path can be switched from the UFO to the non-UFO one, which leads to a memory corruption. In...

7 CVSS, 8.3 AI score, 0.20797 EPSS
Exploits: 19, References: 1

Kitploit
added 2017/09/20 2:0 p.m., 27 views

dcrawl - Simple, But Smart, Multi-Threaded Web Crawler For Randomly Gathering Huge Lists Of Unique Domain Names

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site's body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

7.1 AI score
Exploits: 0, References: 1

OSV
added 2017/09/12 3:29 p.m., 1 views

UBUNTU-CVE-2017-14316

A parameter verification issue was discovered in Xen through 4.9.x. The function alloc_heap_pages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMF_get_node macro. While the function checks to see if...

8.8 CVSS, 7.1 AI score, 0.0041 EPSS
Exploits: 0, References: 3

OSV
added 2017/09/12 3:29 p.m., 3 views

ALPINE-CVE-2017-14316

A parameter verification issue was discovered in Xen through 4.9.x. The function alloc_heap_pages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMF_get_node macro. While the function checks to see if...

8.8 CVSS, 6.8 AI score, 0.0041 EPSS
Exploits: 0, References: 1

OSV
added 2017/09/12 3:29 p.m., 1 views

DEBIAN-CVE-2017-14316

A parameter verification issue was discovered in Xen through 4.9.x. The function alloc_heap_pages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMF_get_node macro. While the function checks to see if...

8.8 CVSS, 6.8 AI score, 0.0041 EPSS
Exploits: 0, References: 1

n0where
added 2017/08/30 4:21 a.m., 25 views

Domain Analyzer

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresse...

6.5 AI score
Exploits: 0, References: 1

NVD
added 2017/08/05 5:29 p.m., 15 views

CVE-2017-9853

An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for the user and installer password. No complexity requirements or length requirements are set. Also, strong passwords are impossible due to a maximum of 12 characters and a limited set of...

9.8 CVSS, 9.5 AI score, 0.01716 EPSS
Exploits: 0, References: 3

OSV
added 2017/07/24 7:29 a.m., 0 views

UBUNTU-CVE-2017-11600

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an...

7 CVSS, 6.8 AI score, 0.00406 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2017/07/06 12:0 a.m., 2 views

PT-2017-4328

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.4.0-96.119 and later. Description: A flaw in the Linux kernel's memory deduplication mechanism, specifically in the Kernel Samepage Merging (KSM) component, can create a side channel. This allows an attacker to potentiall...

6.5 CVSS, 6.8 AI score, 0.00623 EPSS
Exploits: 1, References: 27

Zero Day Initiative
added 2017/06/13 12:0 a.m., 17 views

Trend Micro Maximum Security tmusa Kernel Driver Untrusted Pointer Dereference Denial of Service Vulnerability

This vulnerability allows local attackers to deny service on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...

4.7 CVSS, 6.6 AI score
Exploits: 0, References: 1

Zero Day Initiative
added 2017/06/13 12:0 a.m., 30 views

Trend Micro Maximum Security tmusa Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privilege on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9 CVSS, 4.1 AI score
Exploits: 0, References: 1

Hacker One
added 2017/06/06 5:15 a.m., 21 views

Mixmax: no string size restriction on team name

To limit unintended effects across our UI and infrastructure, we put a maximum length on team names...

2.2 AI score
Exploits: 0

Citrix
added 2017/05/17 12:0 a.m., 5 views

How to Attach Additional Disk to NetScaler MAS 12.0

Citrix ADM, formerly NetScaler MAS. The article describes how to attach an additional disk to NetScaler MAS 12.0 and lower versions. Points to Note: You can only add one additional disk to NetScaler MAS apart from the default 120 GB disk. Adding more than one additional disk is not supported. The...

7.1 AI score
Exploits: 0

Hacker One
added 2017/04/26 12:17 a.m., 24 views

Weblate: Specify maximal length in new comment

Hi, I tried to put this new comment in a translation and I got error. Message: asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk...

Exploits: 0

Veeam
added 2017/04/05 12:0 a.m., 12 views

Advanced Optimization of Veeam Backup & Replication Configuration for VMware VSAN

Article Applicability: This article is intended to provide additional information beyond the basic advice found in the Veeam Backup & Replication User Guide: Virtual Appliance Mode for VMs on VSAN. Purpose: This article provides additional advice for optimizing Veeam Backup & Replication...

6.6 AI score
Exploits: 0, Affected Software: 1

Veracode
added 2017/03/23 9:10 a.m., 19 views

Denial Of Service (DoS)

Glassfish is vulnerable to denial of service (DoS) attacks. It does not properly handle the maximum number of items allowed in the range header of the servlet request, allowing denial of service attacks...

7.8 CVSS, 5.8 AI score, 0.0314 EPSS
Exploits: 0, References: 8, Affected Software: 2

OSV
added 2016/12/13 8:59 p.m., 1 views

UBUNTU-CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync...

9.8 CVSS, 7.3 AI score, 0.03395 EPSS
Exploits: 0, References: 5