86 matches found
CVE-2018-8005
CVE-2018-8005 affects Apache Traffic Server (ATS). When a range request contains multiple ranges, ATS reads the entire object from cache, causing potential performance degradation for large cached objects. Affected versions are 6.0.0–6.2.2 and 7.0.0–7.1.3. Mitigation: upgrade to 6.2.3 or later fo...
CVE-2018-8005
When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...
CVE-2016-1381
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270...
Cisco WSA Multiple Vulnerabilities 05/16
Cisco WSA Software is prone to multiple vulnerabilities. CVE-2016-1380: A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its Web Security Appliance software. Exploitation of these vulnerabilities could cause a denial-of-service condition on an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories a...
Cerber Ransomware On The Rise, Fueled By Dridex Botnet
Starting in April, security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex...
Cerber Ransomware Partners with the Dridex Spam Distributor
Cerber ransomware incorporates the unusual feature of “speaking” its ransom message after successfully infecting a user machine and encrypting files. Cerber was first seen in the wild at the end of February 2016 and was observed being delivered mostly via exploit kits (EK), notably using Magnitude...
Cisco Releases Security Updates for Web Security Appliances
Cisco has released security updates to address multiple vulnerabilities in Web Security Appliances. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of the affected network device. Users and administrators are encouraged to review the Cisco Security...
CVE-2015-0275
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request...
CVE-2015-0275
CVE-2015-0275 affects the Linux kernel ext4 subsystem: the ext4_zero_range function in fs/ext4/extents.c allows local users to trigger a denial of service via a crafted fallocate zero-range request. The linked MiracleLinux/Unity Linux Nessus entries reproduce this: the vulnerability is described ...
Squid HTTP Range Request Handling DoS Vulnerability (SQUID-2014:2)
Squid is prone to a denial of service (DoS) vulnerability. CPE = "cpe:/a:squid-cache:squid";...
squid DoS
DoS via Range: request...
squid DoS
DoS via Range: request if SSL-Bump is allowed...
squid: denial of service when using SSL-Bump
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...
CVE-2014-0128
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...
UBUNTU-CVE-2014-0128
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...
Server side request forgery (ssrf)
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...