5149 matches found
ISC BIND named DoS
DoS on SOA records processing if recursion is enabled...
CVE-2007-1861
The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...
CVE-2007-1861
The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...
CVE-2007-1861
The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...
CVE-2007-2241
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service daemon exit via a sequence of queries processed by the queryaddsoa function...
DEBIAN-CVE-2007-2241
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service daemon exit via a sequence of queries processed by the queryaddsoa function...
CVE-2007-2241
Summary (CVE-2007-2241) : An unspecified vulnerability in query.c of ISC BIND 9.4.0 and 9.5.0a1–9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) by issuing a crafted sequence of queries to the resolver. The issue is specifically tied to the qu...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
Linux Kernel 2.6.x - NETLINKFIBLOOKUP Local Denial of Service / source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger a...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
/ source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This...
security flaw
The key serial number collision avoidance code in the keyallocserial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service crash via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...
Moderate: Red Hat Security Advisory: bind security update
Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name Syste...
MOPB-02-2007:PHP Executor Deep Recursion Stack Overflow
Summary The first day of MoPB is dedicated to vulnerabilities that are already known but are not yet or will never be fixed. The next bug of this category is the problem that PHP does not protect against deep recursions. Whenever a PHP application goes into a very deep recursion it will crash whe...
MOPB-03-2007:PHP Variable Destructor Deep Recursion Stack Overflow
Summary The last vulnerability for today is similar to the second one. This time the bug is however a deep recursion bug in the Zend Engine variable destruction. User input is parsed in an iterative way which allows the creation of very deeply nested array structures from user input. However when...
PHP Executor Deep Recursion Stack Overflow
PMASA-2007-3 Announcement-ID: PMASA-2007-3 Date: 2007-03-02 Summary PHP Executor Deep Recursion Stack Overflow Description Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its...
PHP 4/5 - Executor Deep Recursion Remote Denial of Service
source: https://www.securityfocus.com/bid/22766/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker with permissions to execute PHP code on an affected computer may exploit this issue to crash PHP and kill all remaining...
SUSE-SA:2007:014: bind
The remote host is missing the patch for the advisory SUSE-SA:2007:014 bind. Two security problems were fixed in the ISC BIND nameserver version 9.3.4, which are addressed by this advisory: CVE-2007-0493: If recursion is enabled, a remote attacker can dereference a freed fetch context causing the...
CVE-2007-0006
The key serial number collision avoidance code in the keyallocserial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service crash via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...
USN-410-1: poppler vulnerability
The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library. kpdf in Ubuntu 5.10, and KOffice i...
KDE kfile JPEG info plugin: Denial of service
Background The KDE kfile-info JPEG plugin provides meta-information about JPEG files. Description Marcus Meissner of the SUSE security team discovered a stack overflow vulnerability in the code processing EXIF information in the kfile JPEG info plugin. Impact A remote attacker could entice a user...
[ MDKSA-2006:227 ] - Updated kdegraphics packages fix EXIF vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:227 http://www.mandriva.com/security/ Package : kdegraphics Date : December 11, 2006 Affected: 2007.0, Corporate 3.0, Corporate 4.0 Problem Description: Stack overflow in the KFILE JPEG kfilejpeg plugin in...