78 matches found
qemu: DoS via large option request
The Network Block Device NBD server in Quick Emulator QEMU, is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other...
Design/Logic Flaw
Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10,...
[SECURITY] Fedora 25 Update: dnsperf-2.1.0.0-3.fc25
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...
5 Ways to Use Log Data to Analyze System Performance
Analyzing System Performance Using Log Data Recently we examined some of the most common behaviors that our community of 25,000 users looked for in their logs, with a particular focus on web server logs. In fact, our research identified the top 15 web server tags and alerts created by our...
Weblate: Bypassing captcha in registration on Hosted site
Hello again, I believe the captcha on the user registration form is very simple and can be easily bypassed to automatically register any number of accounts. A program can read the math captcha, solve it and submit the form with the answer and the other required parameters & headers. Note: I read...
CVE-2016-8290
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633...
CVE-2016-5633
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290...
Microsoft Windows Search Component Denial of Service Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A denial of service vulnerability exists in the search component of Microsoft Windows, which arises from a program's failure to properly handle certain objects in memory. A local attacker could exploit...
Oracle MySQL Server:Performance Schema Subcomponent Denial of Service Vulnerability
Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in the Server:Performance Schema subcomponent of Oracle MySQL 5.7.10 and earlier versions, which can be exploited by attackers to cause a denial of service and impact data availabilit...
Citrix Provisioning Services Antivirus Best Practices
The environment may experience one or more of the following symptoms if the antivirus client is impacting either the Target Devices or PVS Servers. - Target Devices running the VDA software may appear power state unknown and no longer registered whenlooking at them via Studio or Director. -...
Fedora 21 : zarafa-7.1.12-1.fc21 (2015-5823)
Zarafa Collaboration Platform 7.1.12 final 48726 ================================================== - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...
Allaire ColdFusion Server 4.0/4.0.1 CFCACHE Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/917/info ColdFusion 4.x includes a function called CFCACHE. This function improves server performance by caching the HTML output of processed CFM pages. When the CFCACHE tag is used in a CFM page, it creates temporary...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
These updated packages fix the following security issues : - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition SIT INET6 implementation. This could allow a local unprivileged user to cause a denial of service. CVE-2008-2136, Important - a flaw was found in the...
Nessus 4.4.0 New version release !
Finally, an updated version of Nessus is out after a long time! This is Nessus version 4.4.0 "The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of yo...
Multiple Vendor SOAP Denial of Service (CVE-2004-1815)
A vulnerability exists in the way Apache Axis handles requests with SOAP arrays in the parameters. Apache Axis is embedded within several Web Services packages. Attackers can trigger the vulnerability to cause a denial of service condition in a vulnerable service. Triggering the vulnerability...
Ubuntu 4.10 : samba vulnerability (USN-22-1)
Karol Wiesek discovered a Denial of Service vulnerability in samba. A flaw in the input validation routines used to match filename strings containing wildcard characters may allow a remote user to consume more than normal amounts of CPU resources, thus impacting the performance and response of th...
USN-22-1: samba vulnerability
Karol Wiesek discovered a Denial of Service vulnerability in samba. A flaw in the input validation routines used to match filename strings containing wildcard characters may allow a remote user to consume more than normal amounts of CPU resources, thus impacting the performance and response of th...
Service Pack 1 for Microsoft Dynamics CRM 2013 Server (KB2941390)
Service Pack 1 for Microsoft Dynamics CRM 2013 Server KB2941390...