CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

[SECURITY] [DSA 3527-1] inspircd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3527-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 24, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3527-1] inspircd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3527-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 24, 2016 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3527-1 (inspircd - security update)

It was discovered that inspircd, an IRC daemon, incorrectly handled PTR lookups of connecting users. This flaw allowed a remote attacker to crash the application by setting up malformed DNS records, thus causing a denial-of-service, OpenVAS Vulnerability Test $Id: deb3527.nasl 6608 2017-07-07...

Debian: Security Advisory (DSA-3527-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Internet Explorer 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR Exploit

Exploit for windows platform in category dos / poc IE11 11.0.9600.18097 NULL PTR / Exploit Title: IE 11 COmWindowProxy::SwitchMarkup NULL PTR Date: 09.12.2015 Exploit Author: Marcin Ressel Vendor Homepage: www.microsoft.com Software Link: 0 Version: 11.0.9600.18097 Tested on: Windows 7 x64...

Oracle: Security Advisory (ELSA-2009-1243)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DNS Enumeration Script: DNSRecon

DNS reconnaissance is part of the information gathering stage on a penetration test engagement. When a penetration tester is performing a DNS reconnaissance he is trying to obtain as much information as he can regarding the DNS servers and their records. The information that can be gathered can...

openSUSE Security Update : vlc (openSUSE-SU-2015:0201-1)

vlc was updated to the current openSUSE Tumbleweed version. live555 was also updated to the current openSUSE Tumbleweed version as a dependency. Security issues fixed : - Fix various buffer overflows and null ptr dereferencing boo914268, CVE-2014-9625. Other fixes : - Enable SSE2 instruction set...

jetAudio 8.1.3 Basic (mp3) - Crash POC

Exploit for windows platform in category dos / poc Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable...

PHP <= 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce

No description provided by source. ?php / PHP = 5.4.3 wddxserialize / streambucket Variant Object Null Ptr Derefernce Author : condis Date : 10.04.2012 AD Website : http://cond.psychodela.pl ---- Download : http://php.net/downloads.php Tested on: PHP 5.3.8 + Windows XP SP3 Professional PL PHP...

openSUSE Security Update : claws-mail (openSUSE-SU-2012:1374-1)

A denial of service attack NULL ptr dereference in claws mail was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-719. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : kernel (openSUSE-SU-2011:0860-1)

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or simila...

openSUSE Security Update : telepathy-gabble (openSUSE-SU-2013:0518-1)

telepathy-gabble was updated to fix a remote denial of service attack using NULL ptr dereferences during hashing. CVE-2013-1769. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

Code injection

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

CVE-2014-0350

The CVE concerns POCO C++ Libraries’ NetSSL X509Certificate::verify in Poco::Net, vulnerable before 1.4.6p4 to MITM via crafted DNS PTRs during server-name wildcard comparison. Affected product: POCO’s NetSSL in POCO C++ Libraries; root cause: weak validation of X.509 CN/SAN matching against wild...