Packetbeat vulnerable to denial-of-service (DoS)

Overview Packetbeat provided by Elastic contains a denial-of-service DoS vulnerability. Packetbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler CWE-129 . Impact Processing a specially crafted packet may lead to a denial-of-servi...

UBUNTU-CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

SQL Injection

Npgsql is vulnerable to SQL injection. The vulnerability is caused by an integer overflow in the WriteBind method within NpgsqlConnector.FrontendMessages.cs, which leads to miscalculated message lengths when constructing PostgreSQL protocol messages. This allows attackers to manipulate message...

SQL Injection

Overview Npgsql is a .NET data provider for PostgreSQL. Affected versions of this package are vulnerable to SQL Injection by overflowing the sum of the integer and parameter lengths in NpgsqlConnector.FrontendMessages.cs, allowing arbitrary SQL to be injected into a PostgreSQL protocol message if...

GHSA-9Q3G-M353-CP4P Denial of Service in Packetbeat

Packetbeat versions prior to 5.6.4 and 6.0.0 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from proper...

Elasticsearch Packetbeat PostgreSQL protocol handler denial of service vulnerability

Elasticsearch Packetbeat is a set of lightweight network packet analysis tools from the Dutch company Elasticsearch.PostgreSQL protocol handler is one of the PostgreSQL protocol handlers. A denial of service vulnerability exists in the PostgreSQL protocol handler in Elasticsearch Packetbeat...

CVE-2017-11480

Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging...

CVE-2017-11480

Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging...

Beats 5.6.4 security update

Packetbeat denial of service ESA-2017-21 Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could...