78 matches found
PT-2020-3138 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.7 Description: A flaw in the Linux kernel's SELinux LSM hook implementation allows for insufficient authentication of data. This issue arises because the hook incorrectly assumes that a socket buffer skb...
SUSE-SU-2018:1326-1 Security update for memcached
This update for memcached fixes the following issues: - CVE-2018-1000115: Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server could result in denial of service via network flood traffic amplification of 1:50,000 ha...
Memcached 1.5.5 - Memcrashed Insufficient Control of Network Message Volume Denial of Service With Shodan API
Memcached 1.5.5 - Memcrashed Insufficient Control of Network Message Volume Denial of Service With Shodan API -- coding: utf8 -- !/usr/bin/python Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44265.zip import sys, os, time, shodan from pathlib import...
Memcached Denial of Service Vulnerability
Memcached is the American software developer Brad Fitzpatrick Brad Fitzpatrick developed a set of high-performance distributed memory object caching system. The system by caching data and objects in memory to reduce the number of times to read the database , thereby improving the speed of access ...
Memcached 1.5.5 - Memcrashed Insufficient Control Network Message Volume Denial of Service (2)
Memcached 1.5.5 - Memcrashed Insufficient Control Network Message Volume Denial of Service 2 Written by Alex Conrey Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44254.zip This program is free software: you can redistribute it and/or modify it under...
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)
Written by Alex Conrey Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44254.zip This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, eithe...
OPENSUSE-SU-2017:3018-1 Security update for mongodb
This update for mongodb 3.4.10 fixes the following issues: Security issues fixed: - CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when...
OPENSUSE-SU-2017:3022-1 Security update for mongodb
This update for mongodb 3.4.10 fixes the following issues: Security issues fixed: - CVE-2017-15535: MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when...
The vulnerability in the embedded microprogramming software of the IP-stack service for Huawei Campus series network switches models S2300, S2700, S3300, S3700, S5300EI, S5700EI, S5300SI, S5700SI, S5300HI, S5700HI, S6300EI, S6700EI, S5710HI, S5300LI, S5700LI, S2350EI, S2750EI, S5720HI, S7700, S9300, S9700 allows a intruder to cause service failure.
The vulnerability of the embedded microprogramming software of the IP-stack service for Huawei Campus series network switches, such as S2300, S2700, S3300, S3700, S5300EI, S5700EI, S5300SI, S5700SI, S5300HI, S5700HI, S6300EI, S6700EI, S5710HI, S5300LI, S5700LI, S2350EI, S2750EI, S5720HI, S7700,...
Qemu RTL8139 Uninitialized Heap Memory Information Disclosure Vulnerability
QEMU is an open source emulator software. Qemu, which supports RTL8139 emulation, suffers from an information disclosure vulnerability when processing network messages in the C+ operating mode of the RTL8139 processor, which can be exploited by a client user to read uninitialized Qemu heap memory...
Microsoft License Logging Server RPC Call Heap Overflow (MS09-064; CVE-2009-2523)
The License Logging service is a tool that was originally designed to help customers manage licenses for the Microsoft server products that are licensed in the Server Client Access License CAL model. License Logging service is one of the services used by Windows Small Business Server 2003 or...
UltraVNC VNCViewer Authenticate Buffer Overflow (CVE-2009-0388)
Virtual Network Computing VNC is a graphical desktop sharing technology that uses the Remote Frame Buffer RFB protocol to remotely control another computer. The controller computer client or viewer sends keyboard and mouse events to the controlled computer server; the controlled computer sends...
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
This host is missing a critical security update according to Microsoft Bulletin MS09-001. OpenVAS Vulnerability Test $Id: secpodms09-001.nasl 5363 2017-02-20 13:07:22Z cfi $ Vulnerabilities in SMB Could Allow Remote Code Execution 958687 Authors: Chandan S Copyright c 2009 SecPod,...
Default configuration
The default configuration of TIBCO Rendezvous RV 7.5.2 clients, when -no-multicast is omitted, uses a multicast group as the destination for a network message, which might make it easier for remote attackers to capture message contents by sniffing the network...
Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message
Overview Microsoft Distributed Transaction Coordinator MSDTC may be vulnerable to a flaw that allows remote unauthenticated attackers to execute arbitrary code. Description The Microsoft Distributed Transaction Coordinator MSDTC is described by Microsoft as "distributed transaction facility for...
Hobbit Monitor DoS
Denial of Service during network message parsing...
ShixxNOTE buffer overflow
Buffer overflow on parsing network message...
PT-2009-6721 · Linux +1 · Udev-Debuginfo +10
Name of the Vulnerable Software and Affected Versions: udev versions prior to 1.4.1 libudev0-128 libudev-devel-128 libvolume-id0 libvolume id-095-14.20.el5 3 libvolume id-devel-095 libvolume id1-128 libvolume-id-dev udev-095 udev-128 udev-debuginfo-128 udev-debuginfo-085 udev-debugsource-128...