CVE-2014-7250

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...

Session fixation

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...

CVE-2014-7250

Removed by vendor...

CVE-2014-7250

The CVE-2014-7250 entry documents a DoS flaw in the TCP stack: the 4.3BSD Net/2 TCP session timer is not properly implemented, affecting FreeBSD 5.4 and possibly NetBSD 2.0 and OpenBSD 3.6. A crafted packet can cause resource consumption due to improper session timer handling, enabling remote att...

JVN#07930208: BSD Operating Systems vulnerable to denial-of-service (DoS)

BSD operating systems contain an issue in the handling of the TCP session timer, which may lead to a denial-of-service DoS vulnerability. Impact When a sepcially crafted packet from a malicious server is received, a condition where client resources are not released may occur. As a result, clients...

Blaze Apps 1.4.0.051909 Cross Site Scripting / SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is a ASP .NET 2 Content Management System. It...