7294 matches found
FreeBSD fails to limit number of TCP segments held in reassembly queue
Overview FreeBSD fails to limit the number of TCP segments held in a reassembly queue which could allow an attacker to exhaust all available memory buffers mbufs on the destination system resulting in a denial-of-service condition. Description The Transmission Control Protocol TCP is part of the...
CVE-2003-0995
Buffer overflow in the Microsoft Message Queue Manager MSQM allows remote attackers to cause a denial of service RPC service crash via a queue registration request...
CVE-2003-0995
Buffer overflow in the Microsoft Message Queue Manager MSQM allows remote attackers to cause a denial of service RPC service crash via a queue registration request...
EUVD-2003-0985
Buffer overflow in the Microsoft Message Queue Manager MSQM allows remote attackers to cause a denial of service RPC service crash via a queue registration request...
Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing
// source: https://www.securityfocus.com/bid/8747/info A vulnerability has been discovered in the Microsoft Windows operating system. The flaw lies in the way that processes handle messages sent from another process via the PostThreadMessage API call. Reports indicate that, if a running process h...
DEBIAN-CVE-2003-0540
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service lock via 1 a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or 2 v...
Postfix 1.1.x - Denial of Service (1)
Postfix 1.1.x - Denial of Service 1 // source: https://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to "bounce-scan" a private network. It has also been reported...
CVE-2003-0567
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service traffic block by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full...
GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow
source: https://www.securityfocus.com/bid/8232/info A stack overflow vulnerability has been reported for the queue-pr utility of GNATS. The vulnerability occurs due to insufficient checks performed on the arguments to the '-d' commandline option. Successful exploitation may result in the executio...
Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
Exploit for hardware platform in category dos / poc =================================================================== Cisco IOS IPv4 Packet Denial of Service Exploit cisco-bug-44020.c =================================================================== // / cisco-bug-44020.c - Copyright by Marti...
GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow
GNU GNATS 3.113.16 - Queue-PR Database Command Line Option Buffer Overflow source: https://www.securityfocus.com/bid/8232/info A stack overflow vulnerability has been reported for the queue-pr utility of GNATS. The vulnerability occurs due to insufficient checks performed on the arguments to the...
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service
// / cisco-bug-44020.c - Copyright by Martin Kluge [email protected] / / / / Feel free to modify this code as you like, as long as you include / / the above copyright statement. / / / / Please use this code only to check your OWN cisco routers. / / / / / / This exploit uses the bug in recent IOS...
Sendmail < 8.12.1 RestrictQueueRun Option Multiple Argument Local DoS
The remote Sendmail server, according to its version number, might be vulnerable to a queue destruction when a local user runs sendmail -q -h1000 If your system does not allow users to process the queue which is the default, you are not vulnerable. Note that this vulnerability is local only. C...
CVE-2002-0794
The acceptfilter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service network service availability via a large number of connection attempts, which fills the queue...
CVE-2002-0235
Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event...
CVE-2002-0235
Castelle FaxPress (likely v6.3 and other versions) is affected when configured to use the Network print queue. An incorrect login can cause FaxPress to leak the correct username and password in plaintext in an error event. This may impact confidentiality and integrity (PARTIAL) and could affect a...
CVE-2002-0235
Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event...
Castelle Faxpress: Password used for NT Print queue can be discl osed in Plain Text
Overview I have reported this to Castelle and they told me it is a feature for troubleshooting, however they will make the change the next time they release the Faxpress Software. I just thought that other admins should be made aware so they can check their systems are secured correctly. Printing...
CVE-2001-0715
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode...
CVE-2001-0714
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service data loss by 1 setting a high initial message hop count option -h, which causes Sendmail to drop queue entries, 2 via the -qR option, or 3 via the -qS option...