204 matches found
SuSE 10 Security Update : Postfix (ZYPP Patch Number 7403)
The following bug has been fixed : - Postfix did not clear the receive buffer after the STARTTLS command. A man-in-the middle could therefore inject commands in the unencrypted stream that get interpreted in the encrypted phase after STARTTLS. CVE-2011-0411 %NASLMINLEVEL 70300 C Tenable Network...
SuSE9 Security Update : Postfix (YOU Patch Number 12707)
The following bugs have been fixed : - Remote attackers could potentially exploit a memory corruption issue in postfix' SASL implementation to execute arbitrary code. CVE-2011-1720 - Also Postfix did not clear the receive buffer after the STARTTLS command. A man-in-the middle could therefore inje...
CVE-2006-2275
Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service deadlock via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."...
PT-2006-3242 · Linux +1 · Linux Sctp +1
Name of the Vulnerable Software and Affected Versions: Linux SCTP lksctp versions prior to 2.6.17 Description: The issue allows remote attackers to cause a denial of service deadlock by sending a large number of small messages to a receiver application that cannot process them quickly enough. Thi...