1915 matches found
kernel: r8169 issue reported at 26c3
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to 1 cause a denial of service temporary network outage via a packet with a crafted size, in conjunction with...
kdelibs security update
3.5.4-22.0.1.el53 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm in tarball 3.5.4-22 - Resolves: 505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content...
CGI Generic Tests Timeout
Some generic CGI tests ran out of time during the scan. The results may be incomplete. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid39470; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate"...
CVE-2009-1336
fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...
ftp-anon NSE Script
Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...
DEBIAN-CVE-2008-4866
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
SuSE 10 Security Update : OpenSSH (ZYPP Patch Number 5627)
Due to a faulty signal handler repeated login attempts could exhaust the maximum allowed connections and prevent further logins. CVE-2008-4109 A problem where utmp entries where not deleted when users logged out was also fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...
Denial of service
The mldinput function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service divide-by-zero error and panic via a malformed ICMPv6 Multicast Listener Discovery MLD query with a certain Maximum Response Del...
Security Best Practice: Protect Yourself from Ping of Death Attacks
A Ping of Death POD is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A ping is normally 56 bytes in size or 84 bytes when IP header is considered; historically, many computer systems could not handle a ping packet larger than the maxim...
vsftpd security and bug fix update
2.0.1-6 - add option maxloginfails that kicks the session after few login fails - Resolves: 197141 - fix bad handling of unique files - Resolves: 250727 - increase maximum length of allowed username - Resolves: 236326 - fix create/lock race condition when more clients are uploading to a file -...
CVE-2008-2811
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service application crash via an image whose display requires more pixels than nscoordMAX, relat...
SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection (2)
SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection 2 !/usr/bin/perl -W SmartPPC Pay Per Click Script Blind SQL Injection Exploit File affected: directory.php $idDirectory Vulnerability: Hamtaro Exploit: ka0x ka0x@domlabs:$ ./smartppc.pl -u...
The use of IIS maximum number of connections to test site bandwidth-vulnerability warning-the black bar safety net
This program only as technical exchanges, not for illegal purposes! Recently bought a space to play, you do not laugh, is the entry level of the virtual host, coupling is poor?, the various parameters are quite low, particularly IIS the number of connections, only 1 0 0, that is, at the same time...
CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities
Title: CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities CA Advisory Date: 2008-04-03 Reported By: Dyon Balding of Secunia Research Impact: A remote attacker can execute arbitrary code or cause a denial of service condition. Summary: CA...
The use of IIS maximum number of connections to test site bandwidth speed-vulnerability warning-the black bar safety net
This program only as technical exchanges, not for illegal purposes!) Recently bought a space to play, you do not laugh, is the entry level of the virtual host, coupling is poor?, the various parameters are quite low, particularly IIS the number of connections, only 1 0 0, that is, at the same tim...
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service
source: https://www.securityfocus.com/bid/27141/info Pragma Systems FortressSSH is prone to a remote denial-of-service vulnerability because it fails to adequately handle certain exceptions when processing overly long user-supplied input. Attackers can exploit this issue to exhaust the maximum...
SuSE 10 Security Update : net-snmp (ZYPP Patch Number 4755)
This update of net-snmp fixes the following bug : - default and configurable maximum number of varbinds returnable to a GETBULK request. CVE-2007-5846 - crash when smux peers were configured with empty passwords %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this...
pcre integer overflow
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...
OpenBSD DHCP server buffer overflow
Integer overflow with "maximum message size" option leads to buffer overflow...
AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver
Asterisk Project Security Advisory - AST-2007-020 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Resource Exhaustion vulnerability in SIP channel | | | driver ...