GHSA-WMG4-8CP2-HPG9 Sydent vulnerable to denial of service attack via memory exhaustion

Impact Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to disk space exhaustion and denial of service. Sydent also does not limit response size for requests it makes to remote Matrix homeservers....

CVE-2021-29430

Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it...

PT-2014-1990 · Trane · Trane Comfortlink Ii

Name of the Vulnerable Software and Affected Versions: Trane ComfortLink II firmware version 2.0.2 Description: The issue is caused by a buffer overflow in the memory due to an overly long REG request. This can allow a remote attacker to execute arbitrary code. The vulnerability exists in the DSS...

SIP Username Enumeration

The SIP server on the remote host appears to respond differently to registration requests for valid and invalid usernames. Using that fact, Nessus was able to enumerate some of the valid usernames. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

CVE-2007-5398

Stack-based buffer overflow in the replynetbiospacket function in nmbd/nmbdpackets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request...